Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

12.30.2016
Mac Developer: How Police Get Your Private Facebook Data | The Daily Dot

How Police Get Your Private Facebook Data | The Daily Dot: "It should come as no surprise, then, that the latest summary report by the social media network indicated another increase in requests for Facebook user account information by the U.S government and law enforcement agencies."

That's a TMI!

Labels:

By : Tighten How Police Get Your Private Facebook Data | The Daily Dot 0 comments

 
Mac Developer: Death to Apple's Mac Mini: I made a Hackintosh

Death to Apple's Mac Mini: I made a Hackintosh: "There's an option known as Hackintosh. It's a process of getting MacOS to run on PCs, and it's possible thanks to a group of way-nerdier-than-I-am people who are always finding new ways to make it work."

Maybe one day Mac OS will be like Linux simply because Apple cares more about the iPhone. Could be good thing. Could be a bad thing. Could be nothing.

Labels: , , ,

By : Tighten Death to Apple's Mac Mini: I made a Hackintosh 0 comments

 
12.29.2016
Mac Developer: Trio charged with $4m insider trading by hacking merger lawyers • The Register

Trio charged with $4m insider trading by hacking merger lawyers • The Register: "Manhattan US attorney Preet Bharara said: "This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking, because you have information valuable to would-be criminals.”"

Dang! Both Hong and Hung.

Labels: ,

By : Tighten Trio charged with $4m insider trading by hacking merger lawyers • The Register 0 comments

 
Mac Developer: Apple engineer briefly discusses early iPhone work, hardware development security

Apple engineer briefly discusses early iPhone work, hardware development security: "Lambert claims that he wrote 6% of the MacOS Kernel as measured by lines of code, or about 100,000 lines a year, much of which was repurposed for the iOS kernel."

Code can last a long time if the layer underneath it is solid.

Labels:

By : Tighten Apple engineer briefly discusses early iPhone work, hardware development security 0 comments

 
12.23.2016
Mac Developer: Apple drops requirement for apps to use HTTPS by 2017 • The Register

Apple drops requirement for apps to use HTTPS by 2017 • The Register: "App Transport Security (ATS) arrived in 2015 iOS and OS X in 2015, in Apple's own words, “improves privacy and data integrity by ensuring your app’s network connections employ only industry-standard protocols and ciphers without known weaknesses.” Which in practical terms means apps have to use HTTPS.

Pushing you to push the envelope.

Labels:

By : Tighten Apple drops requirement for apps to use HTTPS by 2017 • The Register 0 comments

 
Mac Developer: Leaked documents show breadth of iPhone data accessible by Cellebrite forensic tool

Leaked documents show breadth of iPhone data accessible by Cellebrite forensic tool: "Cellebrite is one of a number of firms specializing in cellphone cracking technology, or more specifically mobile device intrusion and data retrieval software and hardware. The company claims its UFED tool can bypass passcode locks, extract and decode almost all data from hundreds of smartphone and tablet models, including Apple hardware. "

More things that go hmmmm in the night.

Labels:

By : Tighten Leaked documents show breadth of iPhone data accessible by Cellebrite forensic tool 0 comments

 
12.21.2016
Mac Developer: Report: Application security continues to be a problem - SD Times

Report: Application security continues to be a problem - SD Times: "Application security continues to be a problem"

Don't try to read this article in Google Chrome.

Labels:

By : Tighten Report: Application security continues to be a problem - SD Times 0 comments

 
12.18.2016
Mac Developer: Macbook seized or stolen? But you've set a FileVault password, right? Ha, it's useless • The Register

Macbook seized or stolen? But you've set a FileVault password, right? Ha, it's useless • The Register: "However, Ulf Frisk, a security researcher based in Sweden, found that he could plug an assembled device running software called PCILeech into a Mac and obtain the FileVault 2 encryption password using a direct memory access (DMA) attack during the reboot process."

Things that go hmmm in the night.

Labels:

By : Tighten Macbook seized or stolen? But you've set a FileVault password, right? Ha, it's useless • The Register 0 comments

 
12.16.2016
Mac Developer: Top tech company's IP was looted by China, so it plans to hack back • The Register

Top tech company's IP was looted by China, so it plans to hack back • The Register: "The poster child for the green energy revolution is in ruins: its executives say they have hard evidence that China's People's Liberation Army stole its breakthrough technology before it could commercialise it. So now the company plans to hack back."

It's not your mother's internet security.

Labels:

By : Tighten Top tech company's IP was looted by China, so it plans to hack back • The Register 0 comments

 
12.15.2016
Mac Developer: Slack adds group & individual video calls to workplace chat platform

Slack adds group & individual video calls to workplace chat platform: "Slack on Tuesday announced the launch of video calling for its popular workplace collaboration platform, which is rolling out to Mac, Windows, and Chrome users over the next few days."

Is it WebRTC or the revenge of the plug-in. Eventually JavaScript is not enough and then the browser (Web App) exposes a new attack surface with a huge user base. Maybe the browser should run in it's own VM. Now where have I heard that before?

Labels:

By : Tighten Slack adds group & individual video calls to workplace chat platform 0 comments

 
12.13.2016
Mac Developer: Google begins releasing its secret FBI subpoenas

Google begins releasing its secret FBI subpoenas: "The search giant posted eight of the national security requests it was allowed to disclose."

Truly, big brother is now watching you.

Labels:

By : Tighten Google begins releasing its secret FBI subpoenas 0 comments

 
12.12.2016
Mac Developer: P0wnographer finds remote code exec bug in McAfee enterprise • The Register

P0wnographer finds remote code exec bug in McAfee enterprise • The Register: ""At a first glance, Intel's McAfee VirusScan Enterprise for Linux has all the best characteristics that vulnerability researchers love: it runs as root, it claims to make your machine more secure, it's not particularly popular, and it looks like it hasn't been updated in a long time," Fasano writes."

The problem with a protection tool like this is that exposes another attack surface.

Labels: , ,

By : Tighten P0wnographer finds remote code exec bug in McAfee enterprise • The Register 0 comments

 
12.11.2016
Mac Developer: The unbearable fragility of modern Mac OS X development | publicspace.net blog

The unbearable fragility of modern Mac OS X development | publicspace.net blog: "There I’ve done it again: I shipped a broken A Better Finder Rename release despite doubling down on build system verification, code signing requirements validation and gatekeeper acceptance checks, automation, quality assurance measures, etc."

Well said, Fred!

Labels:

By : Tighten The unbearable fragility of modern Mac OS X development | publicspace.net blog 0 comments

 
12.07.2016
Mac Developer: Inside the Cybercrime World of Russia's Hackers | VICE | Canada

Inside the Cybercrime World of Russia's Hackers | VICE | Canada: "On an all new episode of CYBERWAR, we investigate the big business of Russian cybercrime and talk with hackers who say some get a pass when they work double duty for Putin and his geopolitical ambitions."

Let's cyber.

Labels:

By : Tighten Inside the Cybercrime World of Russia's Hackers | VICE | Canada 0 comments

 
12.06.2016
Mac Developer: Sony kills off secret backdoor in 80 internet-connected CCTV models • The Register

Sony kills off secret backdoor in 80 internet-connected CCTV models • The Register: "Sony has killed off what, charitably, looks like a debug backdoor in 80 of its web-connected surveillance cameras that can be exploited to hijack the devices."

Apparently, a new meaning for the term secret.

Labels:

By : Tighten Sony kills off secret backdoor in 80 internet-connected CCTV models • The Register 0 comments

 
Mac Developer: Millions exposed to malvertising that hid attack code in banner pixels | Ars Technica

Millions exposed to malvertising that hid attack code in banner pixels | Ars Technica: "Millions of people visiting mainstream websites over the past two months have been exposed to a novel form of malicious ads that embed attack code in individual pixels of the banners."

Imagine that: they can root your computer by running a banner ad.

Labels:

By : Tighten Millions exposed to malvertising that hid attack code in banner pixels | Ars Technica 0 comments

 
Mac Developer: Apple AI researchers gagged no more, now allowed to publish and confer with colleagues

Apple AI researchers gagged no more, now allowed to publish and confer with colleagues: "After years of silence from Apple's researchers over fear of losing commercial intellectual property, the company is now allowing employees in artificial intelligence to not only publish their research, but also interface with other academics in the field to further the overall development of the technology."

Either the end of the beginning or the beginning of The End.

Labels:

By : Tighten Apple AI researchers gagged no more, now allowed to publish and confer with colleagues 0 comments

 
12.05.2016
Mac Developer: Hackintosh monster Macs and iPhone 8's marquee feature

Hackintosh monster Macs and iPhone 8's marquee feature: "This week on The CultCast: Why building a Hackintosh can get you the monster Mac you’ve always wanted. Plus: Apple analyst Ming-Chi Kuo reveals iPhone 8’s marquee feature; AirPods ship date is finally revealed; and stick around for our top Apple AirPort router replacement picks!"

Things that go hmmmm in the night...

Labels:

By : Tighten Hackintosh monster Macs and iPhone 8's marquee feature 0 comments

 
12.02.2016
Mac Developer: Buffer overflow exploit can bypass Activation Lock on iPads running iOS 10.1.1 | Ars Technica

Buffer overflow exploit can bypass Activation Lock on iPads running iOS 10.1.1 | Ars Technica: "The feature has been difficult to crack, but a new exploit disclosed by Vulnerability Lab security analyst Benjamin Kunz Mejri uses a buffer overflow exploit and some iPad-specific bugs to bypass Activation Lock in iOS 10.1.1."

iPhones are what's at risk for snatchey-time.

Labels: , ,

By : Tighten Buffer overflow exploit can bypass Activation Lock on iPads running iOS 10.1.1 | Ars Technica 0 comments

 
12.01.2016
Mac Developer: Legal raids in five countries seize botnet servers, sinkhole 800,000+ domains | Ars Technica

Legal raids in five countries seize botnet servers, sinkhole 800,000+ domains | Ars Technica: "In 2010, an Anti-Phishing Working Group report called out Avalanche as "the world’s most prolific phishing gang," noting that the Avalanche botnet was responsible for two-thirds of all phishing attacks recorded in the second half of 2009 (84,250 out of 126,697). "During that time, it targeted more than 40 major financial institutions, online services, and job search providers," APWG reported. In December of 2009, the network used 959 distinct domains for its phishing campaigns. Avalanche also actively spread the Zeus financial fraud botnet at the time."

Hmmm.

Labels: , ,

By : Tighten Legal raids in five countries seize botnet servers, sinkhole 800,000+ domains | Ars Technica 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 QTZ    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 Quarzenegger.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2020
All Rights Reserved
Tighten Pro