Tony Arcieri urges developers storing user-sensitive data, such as a passwords, not to use bcrypt (via Michael Tsai) for deriving the encryption key: The first cipher I’d suggest you consider besides bcrypt is PBKDF2. It’s ubiquitous and time-tested with an academic pedigree from RSA Labs, you know, the guys who invented much of the cryptographic […]

For the upcoming Gatekeeper feature in Mac OS X 10.8, Apple will make it easy for customers to prevent software from running that has not been digitally “signed” by developers with a certificate from Apple called the Developer ID certificate. Many developers already choose to sign software using self-generated signing certificates. I wrote many years […]

I just posted MarsEdit 3.4.4 to the MarsEdit home page for direct-purchase customers, and am submitting to the Mac App Store for release as soon as it’s approved by Apple. This release is important for MarsEdit customers who use the integrated Flickr browser to insert images into blog posts. In particular, if you tend to […]