
11/03/2007, 1:20pm, EDT

Saturday, November 3rd

Firm questions Leopard's firewall, security

Apple's Mac OS X Leopard operating system was designed to be more secure, but industry professionals are saying that the OS has some serious security flaws that should be a priority for the Mac OS team. Heise Security has discovered several vulnerabilities that may cause trouble for users, including a large flaw in the firewall: Leopard's firewall is deactivated by default, but even when it is present, it is said to allow all incoming connections – trusted or not – which eliminates the point of a firewall almost entirely.

"In contrast to, for example, Windows Vista," Jurgen Schmidt writes, "the Leopard firewall settings fail to distinguish between trusted networks, such as a protected company network, and potentially dangerous wireless networks in airports or even direct internet connections. Leopard initially takes the magnanimous position of trusting all networks equally."

Heise recommends activating the firewall, and enabling the option to "Set access to specific services and programs", allowing Leopard to automatically enter information pertinent to a user's shared resources. The security company believes, however, that this option could lead to a trojan setting up residence in the system, providing a "back door" of sorts into the OS.

The article describes everything that Heise discovered over the course of their testing, outlining various security flaws that are inherent in Leopard.


Filed under: troubleshooting




20 comments
Yawn
0
11/03, 3:42pm, EDT
Didn't we hear this already?
Mac Elite
Joined Mar 2001
User is offline
Double Doh!
0
11/03, 4:04pm, EDT
...if true this is pretty hard to believe...
Fresh-Faced Recruit
Joined Aug 2002
User is offline
Bull Schmidt
0
11/03, 5:37pm, EDT
Enough already.

And if I leave the door open to my house with a sign that says "come in and smash up my computer" and I leave for 2 weeks something bad may happen.

The "company" (used in quotes because all of these seem to be scam artists and not legitimate businesses) that shows me that MAC that is 1/1000 as vulnerable as a Windows machine will have my undying and deep-pocketed loyalty.

When it comes to "your machine may not be as safe as you think" - ask who will benefit from you believing this?

Doofuses.
Fresh-Faced Recruit
Joined Nov 2005
User is offline
a disaster
0
11/03, 5:55pm, EDT
I'm shocked about this news. The fact alone that the firewall is switched off by default after an upgrade even if it was switched on in Tiger is a scandal.

It's nearly as bad as the simple exploit in 10.2 that allowed anyone to recover the file vault password with the help of a simple shell script.

Apple could do better.
Fresh-Faced Recruit
Joined Jul 2004
User is offline
but is this true?
0
11/03, 6:15pm, EDT
Before I contribute to some FUD, allow me to correct my previous post. I've done some tests with publicly available port scanners, and found no problems with the most standard ports. When the firewall was active, all were closed or didn't respond at all when stealth mode was selected.

However, Heise is a well-respected company, they usually know what they do, so I really wonder how they got different results. It's not entirely clear from their article.

Someone else will have to confirm or disconfirm this story.

They are certainly right in claiming that in comparison to other Unix systems, OS X updates open source components less often. It's indeed a security problem.
Fresh-Faced Recruit
Joined Jul 2004
User is offline
Lame....
0
11/03, 7:18pm, EDT
Why oh why do I need to worry about a Firewall if there are no ports open on my Mac....??? How can a "firm" accurately report this kind of rubbish?

Everyone comes from the idea that the firewall *must* be on for your computer to be safe. Well if there are no open ports, how the heck can someone "get in"? It's as painfully simple as that.

The firewall is not the end-all solution to security. There's user education, the platform in which you're talking about, and plenty of other topics. Why do Windows users still get viruses even with their precious firewall turned on?

It's FUD people, meant to grab headlines, sell products, or the like. Simple fact, don't turn on services, you'll win half the battle.

On the flip side, Leopard's firewall is too simplified. At least in Windows I can set specific port ranges, address ranges, etc. The technology is right in OS X, it's just not in the GUI unless you're talking about OS X Server, which it is. Add in the granularity that 'Server provides and I think that'd squash a lot of the crying.
Fresh-Faced Recruit
Joined May 2001
User is offline
not that lame
0
11/04, 4:40am, EST
You should worry about your firewall if the claims in the original article are correct. It's not apparent from the macnn article, but in the original article they claim that the default install according to their tests left services running, no matter what you did from the GUI, and left their ports open. If that's true, it's definitely a huge security problem, as you cannot switch off these services from the GUI. (That's what they claim.) My own quick tests did not confirm this, though. At least the standard ports were closed by the firewall as they should have been. However, as I said, Heise is a well-respected company, and no, they don't sell any Macintosh security products. They publish a relatively serious, engineering-oriented PC magazine, publish books, and run a free firewall test site among other things. So I really wonder what they did to get those results. My guess is they used a test machine with which they had previously messed around and not a clean install.

You can test your firewall yourself by using some of the free online port scanners.

By the way, I can confirm that after installing Leopard, the firewall is switched off, even if it is an upgrade install and the firewall was previously switched on. You've got to turn it on again manually.
Fresh-Faced Recruit
Joined Jul 2004
User is offline
Heise Security
0
11/04, 3:21pm, EST
could have been a respected company before, but not anymore. In my eyes they are just incompetent. You can find the proof in comments for previous Leopard firewall related news on MacNN.

Please, no more same BS.
Fresh-Faced Recruit
Joined Jan 2006
User is offline
FUD
0
11/04, 10:43pm, EST
Ok, if anyone actually used Leopard, here is the deal.

Although the firewall is off by default, there are NO SERVICES RUNNING (no ports open).

Compare to Windows XP which has ports open AND no firewall (or Vista asking for permission so much that people don't really care about what they allow), by default Mac OS X is definitely more secure than Windows, because NO PORTS ARE OPEN in OS X by default.
Fresh-Faced Recruit
Joined Jan 2006
User is offline
open ports
0
11/04, 11:05pm, EST
I love the comments about how OS X has "NO PORTS OPEN". Whether ports are "open" is a matter of a firewall, not the OS. What I think you mean is that "NO DAEMONS ARE RUNNING THAT LISTEN TO ANY PORTS". It's by turning on different services that ports become 'open'.

But, then, it must be nice to live in a world where you trust every piece of software on your computer, including the OS, to not open a port to listen on.

The point here is, just because 'no ports are open', doesn't mean no ports will become open.

But, hey, why argue any of these points, when it's much easier to either talk up Windows' issues, deride the report as being an MS-funded FUD report, or claim it's an attempt to just sell services.
Fresh-Faced Recruit
Joined Aug 2001
User is offline
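
The difference the comments above argue over, a daemon listening on a port versus a firewall filtering it, can be checked on one's own machine by listing listening sockets and seeing which are bound beyond loopback. This is an added example, not part of the article or any reader's comment; the `lsof -nP -iTCP -sTCP:LISTEN` output is a constructed sample and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of `lsof -nP -iTCP -sTCP:LISTEN` output (not from a real host).
SAMPLE_LSOF = """\
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
cupsd     88 root    6u  IPv4 0x0a01      0t0  TCP 127.0.0.1:631 (LISTEN)
cupsd     88 root    5u  IPv6 0x0a02      0t0  TCP [::1]:631 (LISTEN)
launchd    1 root   24u  IPv4 0x0a03      0t0  TCP *:548 (LISTEN)
sshd     412 root    4u  IPv6 0x0a04      0t0  TCP *:22 (LISTEN)
httpd    530 _www    7u  IPv4 0x0a05      0t0  TCP 192.168.1.20:8080 (LISTEN)
"""

def parse_listeners(lsof_text):
    """Return (command, pid, host, port) for every LISTEN row."""
    listeners = []
    for line in lsof_text.splitlines():
        fields = line.split()
        # Data rows end with "<host>:<port> (LISTEN)"; the header row does not.
        if len(fields) < 10 or fields[-1] != "(LISTEN)":
            continue
        host, _, port = fields[-2].rpartition(":")
        listeners.append((fields[0], int(fields[1]), host.strip("[]"), int(port)))
    return listeners

def is_loopback(host):
    """True when the socket is bound to a loopback address only."""
    if host == "*":        # wildcard bind: every interface
        return False
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:     # unparsable name: treat as exposed, the safer assumption
        return False

def exposed_listeners(lsof_text):
    """(command, port) pairs reachable from the network unless a firewall blocks them."""
    exposed = set()
    for cmd, _pid, host, port in parse_listeners(lsof_text):
        if not is_loopback(host):
            exposed.add((cmd, port))
    return sorted(exposed, key=lambda pair: pair[1])

if __name__ == "__main__":
    for cmd, port in exposed_listeners(SAMPLE_LSOF):
        print(f"{cmd} is listening on port {port} beyond loopback")
```

An empty result means nothing is listening beyond loopback at that moment; it says nothing about software that starts listening later, which is the case the firewall is there for.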