Tighten Pro C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation
Tighten Pro - in the Mac App Store
Tighten Pro is now available in the Mac App Store.
Simply click on the icon to the left to purchase directly from Apple.
Or choose PKCS#7Viewer.app by clicking the image to the right.
|
Mac Developer: Amid FBI row, Apple hires developer behind secure messaging app Signal
Amid FBI row, Apple hires developer behind secure messaging app Signal Apple is hiring Frederic Jacobs — a developer responsible for the secure chat app Signal — to work on the CoreOS security team this summer, a report noted on Friday.
Edward Snowden, the gift that keeps on giving. My favorite Snowden analysis is that he's a CIA sleeper agent tasked with reigning in the activities of the NSA. It's such a contorted, yet completely logical conclusion. Labels: security policy
|
|
|
Mac Developer: Former NSA director opposes iOS backdoor, but leans towards FBI in iPhone unlock debate
Former NSA director opposes iOS backdoor, but leans towards FBI in iPhone unlock debate "n Monday, a former director of the U.S. National Security Agency — Michael Hayden — took a middleground stance on the Apple/FBI encryption debate, supporting the FBI in the short term while opposing a universal backdoor in devices.
" READ: We like backdoors, but only when the NSA is the only one that has access. Sit and spin, FBI! Labels: security policy
|
|
|
Mac Developer: US Department of Justice files motion to force Apple to crack terrorist's iPhone
US Department of Justice files motion to force Apple to crack terrorist's iPhone The DOJ has asked a federal judge to compel Apple to help the FBI in its investigation of the San Bernardino, Calif., terrorist attack in December that resulted in 16 deaths and another 24 injuries. Friday's filing was first revealed by ABC News.
According to what I've read, the NSA could hack into this phone remotely. I'm not sure that Apple is needed if they have the physical device. Aside from the PR-opaganda that is. Labels: security policy
|
|
|
Mac Developer: Extremely severe bug leaves dizzying number of software and devices vulnerable | Ars Technica
Extremely severe bug leaves dizzying number of software and devices vulnerable | Ars Technica "It's a big deal," Washington, DC-based security researcher Kenn White told Ars, referring to the vulnerability. "This is a core bedrock function across Linux. Things that do domain name lookups have a real vulnerability if the attacker can answer."
Hard to imagine a C-language API more central to security than name lookup. Code review anyone? Labels: security flaw
|
|
|
Mac Developer: How Apple could hack terrorist's iPhone for FBI (if it wanted to) | Cult of Mac
How Apple could hack terrorist's iPhone for FBI (if it wanted to) | Cult of Mac
The iPhone 5c doesn’t have Touch ID, though, so the FBI wants to brute-force unlock it by guessing the terrorist’s PIN. The problem is, iOS will automatically wipe the device after too many unsuccessful attempts — and iOS also delays how often you can guess a passcode. So the FBI created a plan for how Apple can help the bureau get around it. It's like eminent domain, only more digital.
Labels: security policy
|
|
|
Mac Developer: “Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive | Ars Technica
“Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive | Ars Technica Camtasia, uTorrent, and a large number of other Mac apps are susceptible to man-in-the-middle attacks that install malicious code, thanks to a vulnerability in Sparkle, the third-party software framework the apps use to receive updates.
I've never been a fan of auto-updates. I mean, have you seen any of the Terminator movies? A huge network of unix machines with the ability to patch their own software? That's a recipe for disaster.
Labels: app security
|
|
|
Mac Developer: Big in Tehran: Inside Iran’s $140M console and PC market
Big in Tehran: Inside Iran’s $140M console and PC market The eighth generation of consoles, however, has proven uncrackable, so customers have no choice but to pay the substantially higher costs. PS4 ownership is remarkably high, reflecting the willingness of Iranian gamers to access the best regardless of cost.
State sponsored piracy. Our new friends in Iran!
Labels: security policy
|
|
|
Mac Developer: Mysterious spike in WordPress hacks silently delivers ransomware to visitors | Ars Technica
It's not yet clear how the WordPress sites are getting infected in the first place. It's possible that administrators are failing to lock down the login credentials that allow the site content to be changed. It's also feasible that attackers are exploiting an unknown vulnerability in the CMS, one of the plugins it uses, or the operating system they run on.
JavaScript is the new Flash, the security gift that keeps on giving. Labels: security policy
|
|
|
Mac Developer: Apple ordered to pay $625M in revived VirnetX patent trial
After a week of testimony and deliberation, a jury in the patent owner-friendly East Texas Federal District Court handed down a unanimous decision against Apple's FaceTime, iMessage and VPN services, as well as the devices running them, finding each in infringement of VirnetX intellectual property covering secure communications protocols.
Gifts from the state of Texas have included this, president George W. Bush, Enron and the incident on the grassy knoll. Labels: Don't mess with Texas
|
|
|
Mac Developer: NSA, GCHQ used open source software to spy on Israeli, Syrian drones | Ars Technica
NSA, GCHQ used open source software to spy on Israeli, Syrian drones | Ars Technica Iraqi insurgents, using gear that was possibly provided by Iran, were able to use SkyGrabber, a $26 "off-the-shelf" software package, to intercept video feeds from Predator drones live in 2008 and 2009 (though those feeds were not encrypted at the time).
I guess even the DOD needs a pre-existing 3rd party software module from time to time. Labels: security policy
|
|
|
| |
|