0
images/news/apple.jpgLeopard's firewall is a mess, say researchers, shutting off by default and allowing connections even under "block all."
The first security hole is that Leopard's firewall turns itself off by default on installation—even if a user had the firewall turned on before upgrading. That choice flies in the face of what Microsoft has done with Vista, for example: harden security by shipping the operating system with security measures on by default.
Security researchers are also chagrined that Leopard only allows a choice between allow all, deny all, or pick by application; and that it completely hides the firewall rules in a black box that isn't user accessible, Mogull told eWEEK. Even worse, a security researcher from Heise Security has found that the configuration of "block all" does anything but that—meaning that the firewall essentially can't be trusted.
Another issue with Leopard is that, although the newest Mac operating system still includes the open-source firewall ipfw, it needs to be manually configured at the command line.
more at eWeek
The first security hole is that Leopard's firewall turns itself off by default on installation—even if a user had the firewall turned on before upgrading. That choice flies in the face of what Microsoft has done with Vista, for example: harden security by shipping the operating system with security measures on by default.
Security researchers are also chagrined that Leopard only allows a choice between allow all, deny all, or pick by application; and that it completely hides the firewall rules in a black box that isn't user accessible, Mogull told eWEEK. Even worse, a security researcher from Heise Security has found that the configuration of "block all" does anything but that—meaning that the firewall essentially can't be trusted.
Another issue with Leopard is that, although the newest Mac operating system still includes the open-source firewall ipfw, it needs to be manually configured at the command line.
more at eWeek
