Tighten Pro C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation
  Tighten Pro - in the Mac App Store
Tighten Pro is now available in the Mac App Store.
Simply click on the icon to the left to purchase directly from Apple.
Or choose PKCS#7Viewer.app by clicking the image to the right.
|
Mac Developer: North Korea's OS X clone is a dictator's 'wet dream'
North Korea's OS X clone is a dictator's 'wet dream' RedStar is based on Fedora 11, the Linux version released in 2009. Despite this, it borrows Apple’s user interface for OS X right down to the dock, menu bars, settings, and even the spinning beachball of doom.
It's like the dark side vs. the force. No metaphor required.
Labels: security policy, security research
|
|
|
Mac Developer: Edward Snowden: The Untold Story | WIRED
Edward Snowden: The Untold Story | WIRED I confess to feeling some kinship with Snowden. Like him, I was assigned to a National Security Agency unit in Hawaii—in my case, as part of three years of active duty in the Navy during the Vietnam War. Then, as a reservist in law school, I blew the whistle on the NSA when I stumbled across a program that involved illegally eavesdropping on US citizens.
Hmmm, not sure if it's still untold. I think it's told. Is it now told?
Labels: security policy
|
|
|
Mac Developer: Exploit Logs You Into Linux Systems After Hitting Backspace 28 Times | News & Opinion | PCMag.com
Exploit Logs You Into Linux Systems After Hitting Backspace 28 Times | News & Opinion | PCMag.com Though most of you likely don't run Linux—specifically, one using the Grub2 bootloader—you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. The exploit is being quickly patched by various major Linux distros, including Ubuntu, Red Hat, and Debian, and it also requires physical access to an unpatched machine to work, so it's not the worst potential vulnerability, just one of the sillier ones.
Hmmmm.
Labels: security flaw
|
|
|
Mac Developer: Another pirated app service uses Apple enterprise license to distribute stolen software
Another pirated app service uses Apple enterprise license to distribute stolen software Thought to be run by Chinese owners located in Shanghai, the vShare App Market has officially been in operation since 2011 and is recognized in some jailbreaking circles as a go-to source for free apps. The service recently gained notoriety for compatibility with non-jailbroken iPhones and iPads running iOS 8 and above.
Like other recent pirated app services, vShare is built on Apple's enterprise licensing technology. Designed for corporations or other entities with large iOS device deployments, Apple Developer Enterprise certificates allow license holders to provision their own apps for internal distribution and download.
There's that inconvenient software monoculture getting all up in yo face again. Labels: security policy
|
|
|
Mac Developer: Cock.li e-mail server seized by German authorities, admin announces | Ars Technica
Cock.li e-mail server seized by German authorities, admin announces | Ars Technica "That means that SSL keys and private keys and full mail content of all 64,500 of my users, as well as hashed passwords, registration time, and the last seven days of logs were all confiscated and now are in the hands of German authorities," Vincent Canfield said.
Do you know where your keys are?
Labels: security policy
|
|
|
Mac Developer: Here are the devices law enforcement use to spy on you
Here are the devices law enforcement use to spy on you The Intercept obtained the catalog of devices used by federal and local law enforcement to collect and monitor cell phone data. The tracking hardware -- including the infamous Stingray -- in the catalog is accompanied by its capabilities including, limitations, "planning factors," price and manufacturer.
"I'm not paranoid, people are really out to get me." Labels: security policy
|
|
|
Mac Developer: BlackBerry CEO bashes Apple's data privacy policies
BlackBerry CEO bashes Apple's data privacy policies In a post to Blackberry's official blog on Thursday, CEO John Chen slammed tech companies like Apple that "put their reputations over the greater good" by providing — and advertising — strong encryption and data privacy policies to all users, even criminals.
Because nothing says secure system like a backdoor left behind for the NSA. And nothing says national security like the global surveillance of Snapchat messages. Labels: security policy
|
|
|
Mac Developer: 60 Minutes will go inside Jony Ive's 'secret design studio' this Sunday
60 Minutes will go inside Jony Ive's 'secret design studio' this Sunday 60 Minutes viewers will get an early Christmas present this Sunday, as presenter Charlie Rose gets a rare peak inside Jony Ive’s design studio, while also receiving a tour of “Apple’s store of the future” from retail guru Angela Ahrendts.
I think this is a terrible mistake because there is a reason the Lockheed skunkworks was such a prolific producer of amazing albeit deadly technology.
Labels: skunkworks
|
|
|
Mac Developer: DanTheMan827/ios-app-signer
DanTheMan827/ios-app-signer This is an app for OS X that can (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.
Hmmm! Sideloading über alles!
Labels: android vs. ios
|
|
|
Mac Developer: SHA1 sunset will block millions from encrypted net, Facebook warns | Ars Technica
SHA1 sunset will block millions from encrypted net, Facebook warns | Ars Technica Tens of millions of Internet users will be cut off from encrypted webpages in the coming months unless sites are permitted to continue using SHA1, a cryptographic hashing function that's being retired because it's increasingly vulnerable to real-world forgery attacks, Facebook and Web security company CloudFlare have warned.
That's OK because we want you to spend your annual income on buy a new computer anyway. After all, selling you something is what keeps Wall Street happy. Labels: security policy
|
|
|
Mac Developer: Kazakhstan will require internet surveillance back doors
Kazakhstan will require internet surveillance back doors Want to know why it's a bad idea for the government to ask for back door access to your data? Here's why. As of January 1st, Kazakhstan will require the presence of a "national security certificate" on every internet-capable device in the country.
Isn't it great you don't have a way to delete the system-installed trusted root certificates on the iPhone? Between the proliferation of drones and these great unix devices, can we now just be clear that the conditions for the Skynet robot overlords are now in place? Labels: skynet, terminator movie
|
|
|
| |
|