Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

7.30.2016
Mac Developer: MoltenGL – Molten

MoltenGL – Molten: "On both iOS and macOS, applications and games built on OpenGL ES 2.0 can use MoltenGL to provide the additional graphic performance, debugging, and performance-tuning capabilities available through Metal, without having to abandon the familiar OpenGL ES 2.0 API, or rewrite rendering logic and shaders for a different platform."

Mostly I'm excited about this as a way to unify to OpenGLES on the desktop. Why not?

Labels:

By : Tighten MoltenGL – Molten 0 comments

 
Mac Developer: Google rolls out HSTS • The Register

Google rolls out HSTS • The Register: "The HSTS automatically forces browsers to upgrade insecure HTTP connections to encrypted HTTPS. Google tried rolling it out at the end of last year but faced technical issues that knocked the Chocolate Factory's Santa tracking service offline."

You will conform.

Labels:

By : Tighten Google rolls out HSTS • The Register 0 comments

 
7.29.2016
Mac Developer: Apple's Ivan Krstic to give 'behind the scenes' iOS security talk at Black Hat USA

Apple's Ivan Krstic to give 'behind the scenes' iOS security talk at Black Hat USA: "Ivan Krstic will explore the "cryptographic design and implementation of our novel secure synchronization fabric" as it relates to technology like HomeKit, Auto Unlock, and iCloud Keychain, according to Apple. The briefing, scheduled for Aug. 4, will also go into the Secure Enclave present on Touch ID-capable devices, and "a unique JIT hardening mechanism" intended to make Safari's JIT (Just-in-Time) compiler a harder target."

Hello kimono...

Labels:

By : Tighten Apple's Ivan Krstic to give 'behind the scenes' iOS security talk at Black Hat USA 0 comments

 
7.28.2016
Mac Developer: Kim Dotcom’s lawyer will also represent alleged KickassTorrents founder | Ars Technica

Kim Dotcom’s lawyer will also represent alleged KickassTorrents founder | Ars Technica: "Just over a week ago, federal authorities announced the arrest of Artem Vaulin, a Ukrainian man that they say is the mastermind of KickassTorrents (KAT), which was the world’s largest BitTorrent search site until recently.

Vaulin, 30, has retained Ira Rothken, the California lawyer who has successfully kept Kim Dotcom out of custody in New Zealand since 2012. "

Nothing succeeds like success.

Labels:

By : Tighten Kim Dotcom’s lawyer will also represent alleged KickassTorrents founder | Ars Technica 0 comments

 
7.26.2016
Mac Developer: New attack that cripples HTTPS crypto works on Macs, Windows, and Linux | Ars Technica

New attack that cripples HTTPS crypto works on Macs, Windows, and Linux | Ars Technica: "A key guarantee provided by HTTPS encryption is that the addresses of visited websites aren't visible to attackers who may be monitoring an end user's network traffic. Now, researchers have devised an attack that breaks this protection."

Let's get those patches out ASAP. Feel sorry for all the embedded routers that have to be flashed. Yeah, that's likely to happen...

Labels:

By : Tighten New attack that cripples HTTPS crypto works on Macs, Windows, and Linux | Ars Technica 0 comments

 
7.23.2016
Mac Developer: Hacker who published LA Times login credentials ordered to prison | Ars Technica

Hacker who published LA Times login credentials ordered to prison | Ars Technica: "The original headline said, "Pressure builds in House to pass tax-cut package." It was changed to "Pressure builds in House to elect CHIPPY 1337.""

If only the same rule of law were applied to the elected officials of this same nation.

Labels: ,

By : Tighten Hacker who published LA Times login credentials ordered to prison | Ars Technica 0 comments

 
Mac Developer: Apple's latest software updates fix flaw resembling Android Stagefright

Apple's latest software updates fix flaw resembling Android Stagefright: "Apple's recent iOS, OS X, tvOS and watchOS updates patch a previously unknown security flaw that allows the surreptitious gathering of sensitive data with a simple text message, an OS-level bug which bears a striking resemblance to last year's much derided Stagefright exploit on Google's Android platform."

How long was this baby in the wild rooting devices? Security is still hard.

Labels:

By : Tighten Apple's latest software updates fix flaw resembling Android Stagefright 0 comments

 
7.21.2016
Mac Developer: Critical flaw leaves all Apple devices open to password thieves

Critical flaw leaves all Apple devices open to password thieves: "Tyler Bohan, senior security researcher at Cisco Talos, has discovered a serious vulnerability in “ImageIO,” a framework built into Apple’s platforms that handle image data. Hackers are able to take advantage of this to steal passwords stored locally on your devices."

Security is still hard.

Labels:

By : Tighten Critical flaw leaves all Apple devices open to password thieves 0 comments

 
Mac Developer: Alleged founder of world’s largest BitTorrent distribution site arrested | Ars Technica

Alleged founder of world’s largest BitTorrent distribution site arrested | Ars Technica: "HSI and IRS looked into the historical hosting records of KAT and found that for about 3.5 years, ending in January 2016, the operation was hosted out of Chicago, Illinois, which explains why the case is now being prosecuted out of the Northern District of Illinois. The site also used a Canadian hosting service—the two American agencies also used MLAT to get an image of the Canadian server."

"Don't follow leaders, Watch the parking meters" - Bob Dylan

Labels:

By : Tighten Alleged founder of world’s largest BitTorrent distribution site arrested | Ars Technica 0 comments

 
7.15.2016
Mac Developer: Crypto flaw made it easy for attackers to snoop on Juniper customers | Ars Technica

Crypto flaw made it easy for attackers to snoop on Juniper customers | Ars Technica: "As if people didn't already have cause to distrust the security of Juniper products, the networking gear maker just disclosed a vulnerability that allowed attackers to eavesdrop on sensitive communications traveling through customers' virtual private networks."

Big pipe style.

Labels: ,

By : Tighten Crypto flaw made it easy for attackers to snoop on Juniper customers | Ars Technica 0 comments

 
7.11.2016
Mac Developer: HTTPS crypto’s days are numbered. Here’s how Google wants to save it | Ars Technica

HTTPS crypto’s days are numbered. Here’s how Google wants to save it | Ars Technica: "Like many forms of encryption in use today, HTTPS protections are on the brink of a collapse that could bring down the world as we know it. Hanging in the balance are most encrypted communications sent over the last several decades. On Thursday, Google unveiled an experiment designed to head off, or at least lessen, the catastrophe."

HTTPS is dead! Long-live HTTPS!

Labels: ,

By : Tighten HTTPS crypto’s days are numbered. Here’s how Google wants to save it | Ars Technica 0 comments

 
7.08.2016
Mac Developer: Another Mac-specific malware pops up, but Apple's Gatekeeper still prevents infection

Another Mac-specific malware pops up, but Apple's Gatekeeper still prevents infection: "A second piece of Mac-specific malware has been discovered this week, one that could expose the passwords stored in the macOS Keychain. But once again, Apple's Gatekeeper security — when properly configured — will block the attack from succeeding."

Hmmm.

Labels: , , ,

By : Tighten Another Mac-specific malware pops up, but Apple's Gatekeeper still prevents infection 0 comments

 
7.02.2016
Mac Developer: Major weakness in Google's key storage breaks open Android's Full Disk Encryption

Major weakness in Google's key storage breaks open Android's Full Disk Encryption: "Higher end Android phones using premium Qualcomm chips have been seeking to court the attention of enterprise users, but new research shows that Android encryption is easy to defeat because the devices store their disk encryption keys in software, unlike Apple's iOS."

Say it ain't so!

Labels:

By : Tighten Major weakness in Google's key storage breaks open Android's Full Disk Encryption 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 QTZ    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 Quarzenegger.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2020
All Rights Reserved
Tighten Pro