Apple’s Spotted Firewall: Tsk Tsk

closeThis post was published 11 years 1 month 12 days ago. A number of changes have been made to the site since then, so please contact me if anything is broken or seems wrong.

Apple has been selling the new Leopard OS X upgrade on its improved security, but it’s not as secure as you might think. By default, the firewall is set to off, the opposite of Windows Vista. (Why don’t people talk about XP anymore?) Even with the firewall enabled, incoming connections targeted at certain system services can still succeed; researchers were able to access the NetBIOS Naming Service over a LAN with full blocking enabled. Not the most ideal setup. UDP can’t even be turned off from within the OS controls.

Apple also doesn’t include the latest versions of bundled open-source software. The Samba networking client, which provides interoperability with Windows networks, is a couple releases behind, and the latest version is known to contain bugfixes for security issues.

Perhaps the worst problem is the fact that (going back to the firewall) the Leopard installer will disable the firewall even if it was enabled under Tiger. Talk about a bad idea. Almost as bad as Microsoft’s tampering with Automatic Updates settings with OneCare.

I’m getting my information from a CNET news story; I have no personal experience with Leopard as of yet. Just thought I’d mention that so nobody tries to get Mac tech support from me…

dgw

I am an avid technology and software user, in addition to being reasonably well-versed in CSS, JavaScript, HTML, PHP, Python, and (though it still scares me) Perl. Aside from my technological tendencies, I am also a theatre technician, sound designer, violinist, singer, and actor.

Leave a Reply

Your email address will not be published. Required fields are marked *

Notify me of followup comments via e-mail (or subscribe without commenting)

Comments are subject to moderation, and are licensed for display in perpetuity once posted. Learn more.