The launch of Apple's newest OS, Leopard, has been, to say the least, tinged with negative press, what with reports of bluescreens due to third party applications and Java incompatibilities. On Friday, Rich Mogull, a security consultant and former Gartner analyst, added more fuel to the fire when he said "[Leopard's] firewall is a mess" after spending two days digging into the new firewall's capabilities. "It's a step back from Tiger's firewall. I was originally pretty bullish on Leopard's security, and I still am on the concepts, but the implementation makes most of its advances ineffective or unusable."
The firewall in Mac OS X 10.5 Leopard uses a bare-bones interface -- earlier this week, Mogull called it "so simple as to be nearly useless" -- that offers users three options: allow all incoming connections, block all incoming connections, and set access for specific services and applications Unfortunately, the implementation seems fraught with problems. "'Block all' does seem to block actual connections," said Mogull, "but any shared ports are detected as 'open/filtered' on a port scan." And unless users turn on stealth, some services -- Bonjour, Apple's network-device-locating technology, is one -- are seen as open by scans, no matter what firewall setting is selected. Only by using "Block all" with stealth enabled are shared services actually invisible.
The firewall in Mac OS X 10.5 Leopard uses a bare-bones interface -- earlier this week, Mogull called it "so simple as to be nearly useless" -- that offers users three options: allow all incoming connections, block all incoming connections, and set access for specific services and applications Unfortunately, the implementation seems fraught with problems. "'Block all' does seem to block actual connections," said Mogull, "but any shared ports are detected as 'open/filtered' on a port scan." And unless users turn on stealth, some services -- Bonjour, Apple's network-device-locating technology, is one -- are seen as open by scans, no matter what firewall setting is selected. Only by using "Block all" with stealth enabled are shared services actually invisible.
Those inconsistencies pale against the firewall's ability to break some applications without warning. When the "Set access" mode is turned on, the firewall digitally signs applications that the user allows access to incoming communication; although most firewalls will block a program from running if it detects change, such as an upgrade to a new version, Mogull discovered that Leopard takes it one step further, blocking applications that change at runtime. Skype, the popular VoIP software and instant messenger, is one such program. If the user has set the firewall to "Set access" and runs Skype, the icon will bounce a time or two on the dock, but not load. Nor does Leopard tell the user that Skype has failed or why it won't launch. Only the Mac OS X Console gives a clue, with a message such as: 11/2/07 9:47:51 AM [0x0-0x35035].com.skype.skype[399] Check 1 failed. Can't run Skype.
However, Mogull isn't all bad news. "Fortunately, all of this is fixable," he said. "Apple clearly was a little rushed, but they're moving in the right direction. It's our responsibility to keep on Apple to make sure they convert these concepts into actual implementations."
View: Full Story on InfoWorld
I agree. I say dont fix whats not broken.
When faced with information that differs from their own personal agenda, trolls typically attempt to drive the discussion off topic.
When faced with information that differs from their own personal agenda, trolls typically attempt to drive the discussion off topic.
Grr I am a troll...
GGRRRRR
GGRRRRR
Thanks for making Neowin suck more.
You must not have a laptop.
"Most consumer firewalls can't do application level control " lies all lies. most hardware firewalls maybe
"You must not have a laptop. " HUH, what is the difference between laptop and desktop when it comes to firewalls
P.S. Having a market share so small that barely anyone even bothers to try exploit your product does not count.
just let him make his little scene.
+1
advertising.
anyways its better have something than nothing and its still a big improvement over sp2 windows firewall, lets hope that microsoft add those improvements and features into sp3.
BTW something that i really like of a MAC its the network profiler, you can save each profile oc TCP/IP setting lets say one for university, one for work, one for home anyways its very good in vista and xp they only have an alternate profile making it very limited, need a 3rd party APP to make that work like netsetman or Thinkvantage access connection....
all i kept hearing was "macOSX is invincible i dont need antivirus/firewall/anti spyware like windows does"
all i kept hearing was "macOSX is invincible i dont need antivirus/firewall/anti spyware like windows does"
Not to worry, you heard right.
yeah the fact proof of concept viruses have existed do not indicate a OS was ever vulnerable, in fact its invinsible.
nothign is invinsible.
you're mistaken, that's Linux.
Number of viruses in the wild (currently, or ever) for OS X: 0.
There's your answer. When there is a real threat, not just proof-of-concept junk, we'll see something better.
Number of viruses in the wild (currently, or ever) for OS X: 0.
There's your answer. When there is a real threat, not just proof-of-concept junk, we'll see something better.
number of proof of concept viruses ==??? oh thats right a proof of concept doesn't count, even though it prooves the concept
You proved your knowledge of security and this whole subject is rather limited, a firewall does a lot more than just block viruses, in fact a firewall doesn't actually block a virus it wil block a worm however. and traffic from the virus.
noone cares about your zero viruses for OSX. casue we all know why.
when will you stop trying to defend everythign bad apple ever does
Number of viruses in the wild (currently, or ever) for OS X: 0.
There's your answer. When there is a real threat, not just proof-of-concept junk, we'll see something better.
You should be a politician. You didn't answer my question. I really feel bad for the way you HAVE TO defend ANYTHING bad/wrong/lame/etc Apple does. Don't worry LTD, a virus or worm will one day find it's way into your mac, and you'll never know until it's too late. Why? You don't need an anti-virus. You already got the BSODs and driver problems, what do you think is gonna happen next?
I didn't know I needed a proof-of-concept to get through a Mac (software) firewall.
Number of viruses in the wild (currently, or ever) for OS X: 0.
There's your answer. When there is a real threat, not just proof-of-concept junk, we'll see something better.
You should be a politician. You didn't answer my question. I really feel bad for the way you HAVE TO defend ANYTHING bad/wrong/lame/etc Apple does. Don't worry LTD, a virus or worm will one day find it's way into your mac, and you'll never know until it's too late. Why? You don't need an anti-virus. You already got the BSODs and driver problems, what do you think is gonna happen next?
I didn't know I needed a proof-of-concept to get through a Mac (software) firewall.
I've never gotten BSODs or driver problems with OS X, ever LOL. And it required absolutely no work on my part. Still WAITING on that virus, too.
What's gonna happen next? Getting an iPhone is on my list. I've also been meaning to try out SiteGrinder 2.0.
Number of viruses in the wild (currently, or ever) for OS X: 0.
There's your answer. When there is a real threat, not just proof-of-concept junk, we'll see something better.
You should be a politician. You didn't answer my question. I really feel bad for the way you HAVE TO defend ANYTHING bad/wrong/lame/etc Apple does. Don't worry LTD, a virus or worm will one day find it's way into your mac, and you'll never know until it's too late. Why? You don't need an anti-virus. You already got the BSODs and driver problems, what do you think is gonna happen next?
I didn't know I needed a proof-of-concept to get through a Mac (software) firewall.
I've never gotten BSODs or driver problems with OS X, ever LOL. And it required absolutely no work on my part. Still WAITING on that virus, too.
What's gonna happen next? Getting an iPhone is on my list. I've also been meaning to try out SiteGrinder 2.0.
You just don't get it. I've never had to do anything for my PC to stay clean. Everything is automatic. Go read my post at the bottom of the page. That might put things into perspective.
the iPhone theres a joke and a half
the iPhone theres a joke and a half
Bro, you have to understand... in the "distortion field" people think just because you are running anything other than OS X, there's constant virus dodging, pop-ups every 3-5 seconds, and BSODs two to three times a day. I'll go ahead and let them think that way while I use every bit of software on earth written for 2000/XP/Vista. Then again, mac users don't USE the computer like *nix/2000/XP/Vista users do. Movie making, pictures, and sound. What else is there to do on a mac? Oh yeah, load XP and do everything else.
Yes, the iPhone is a joke. "LOOK OMGZ!! I can use the Internet and call people! WOW! It's so like totally worth the 500 bucks! "
When (not if) these people realize their Macs aren't invincible they are surely going to learn it the hard way.
When (not if) these people realize their Macs aren't invincible they are surely going to learn it the hard way.
+1
When (not if) these people realize their Macs aren't invincible they are surely going to learn it the hard way.
+1 it is inevitable. really just a waiting game
Last edited by SirEvan on 04 Nov 2007 - 22:27
That's because we've been too busy enjoying the most advanced and awesome OS, Mac OSX Leopard. So I guess it's really you that's trolling but feel free to continue tring to convince everyone that wildly popular Vista (sarcasim) is worth the upgrade and a smashing success. LOL
That's because we've been too busy enjoying the most advanced and awesome OS, Mac OSX Leopard. So I guess it's really you that's trolling but feel free to continue tring to convince everyone that wildly popular Vista (sarcasim) is worth the upgrade and a smashing success. LOL
well if you call the fact you now get bluescreens and your firewall is worse, awesome, then you must really luv vista, cause that has lots of problems.
AT LEAST WINDOWS USERS CAN ADMIT VISTA IS S^&T. i'd like to see an apple fanboy admit anything bad about apple
Number of years surfing the net unimpeded: 6 and counting.
Bring on a real threat - in the wild - and then maybe you'll have my attention. People have been using the low-marketshare argument for years . . . which is my point: years. Nothing in the wild for OS X since its inception. Just proof-of-conecpts, rumours, etc.
Bad news? Sure, there have been some issues with OS X. Given what I see from the competition, I GLADLY put up with whatever hiccups occur with OS X.
Number of years surfing the net unimpeded: 6 and counting.
Bring on a real threat - in the wild - and then maybe you'll have my attention. People have been using the low-marketshare argument for years . . . which is my point: years. Nothing in the wild for OS X since its inception. Just proof-of-conecpts, rumours, etc.
Bad news? Sure, there have been some issues with OS X. Given what I see from the competition, I GLADLY put up with whatever hiccups occur with OS X.
+1
Ouch! That's got to hurt the Microsoft fanboys/trolls!
internetworld7you seem to be the biggest troll of them all, do you have any of your own opinions?? and i really doubt any of the fanboys will care as they know MS has issues too, besides the fact they all know LTD is the biggest fanboy of them all
internetworld7you seem to be the biggest troll of them all, do you have any of your own opinions?? and i really doubt any of the fanboys will care as they know MS has issues too, besides the fact they all know LTD is the biggest fanboy of them all
LTD is indeed the biggest fanboy of them all, because LTD used Windows for 4 years before finally visiting an Apple Store to see what he was missing out on. Blew me away.
Pretty impressive that a company a fraction of Microsoft's size can produce such things. Kind of asked myself "Where the **** are Microsoft's R&D dollars going????"
internetworld7you seem to be the biggest troll of them all, do you have any of your own opinions?? and i really doubt any of the fanboys will care as they know MS has issues too, besides the fact they all know LTD is the biggest fanboy of them all
LTD is indeed the biggest fanboy of them all, because LTD used Windows for 4 years before finally visiting an Apple Store to see what he was missing out on. Blew me away.
Pretty impressive that a company a fraction of Microsoft's size can produce such things. Kind of asked myself "Where the **** are Microsoft's R&D dollars going????"
I was MAC for about 2 years before this current job, PC and MAC before that, administrating MAC's not just using them, and I prefer windows boxes and i definatley prefer windows servers. when i visited the apple store it annoyed the crap out of me, there were like a few computers to look at and not much else.
Well a good chunk went to helping Apple learn how to load Windows on their systems so they could use it as a selling point on their Macs.
Another chunk went to developing the only decent Office productivity suite on Mac - Microsoft Office. This is also used by Apple as a selling point.
I hope the Apple Store rep who "blew you away" showcased Vista for you so you could indeed see what you've been missing.
All in all, this reminds me of a red dwarf episode
RIMMER: It's one of the most famous military maneuvers in history!
LISTER: I mean, the Greeks have been camped outside Troy, kerpowing, zapping, and kersplatting the Trojans for the best part of a decade, yeah?
RIMMER: So?
LISTER: So all of a sudden they wake up one mornin' and the Greeks have gone. And there outside the city walls they've left this gift; this tribute to their valiant foes: a huge wooden horse, just large enough to happily contain 500 Greeks in full battle dress and still leave adequate room for toilet facilities? Are you telling me not one Trojan goes, "Hang on a minute, that's a bit of a funny prezzy. What's wrong with a couple hundred pairs of socks and some aftershave?" No, they don't -- they just wheel it in and all decide to go for an early night! People that stupid deserve to be kerpowed, zapped and kersplatted in their beds! You know what the big joke is? From this particular phase in history we derive the phrase, "Beware of Greeks bearing gifts," when it would be much more logical to derive the phrase, "Beware of Trojans, they're complete smegheads!"
RIMMER: Well, thank you, A.J.P. Taylor.
Oh BTW, I'm running 10.4 OS X on my 500 dollar PC. That includes the LCD screen. Dont that just burn you Mac guys? Paid out the anus to run this OS, and I did it for 500 bucks. HAHHAHAHAHHAA. I love my little triple booter! It's so cute! P4 D 2.8 4 Meg cache, 1 GB RAM (dual channel) 5200 256 AGP (OCed) Video card, one 160 gig SATA drive, 20 gig ATA drive, DVD burner, DVD player, 17" LCD and a custom case with UV lights inside and LEDs out side. What would that cost you in Mac dollars? 1300, 1400, 1500 hundred? (This is my second dual core PC, not my best)
Too bad you (usually) don't know how to build your own computers. Keep justifying that "premium" you all pay.
Oh BTW, I'm running 10.4 OS X on my 500 dollar PC. That includes the LCD screen. Dont that just burn you Mac guys? Paid out the anus to run this OS, and I did it for 500 bucks. HAHHAHAHAHHAA. I love my little triple booter! It's so cute! P4 D 2.8 4 Meg cache, 1 GB RAM (dual channel) 5200 256 AGP (OCed) Video card, one 160 gig SATA drive, 20 gig ATA drive, DVD burner, DVD player, 17" LCD and a custom case with UV lights inside and LEDs out side. What would that cost you in Mac dollars? 1300, 1400, 1500 hundred? (This is my second dual core PC, not my best)
Too bad you (usually) don't know how to build your own computers. Keep justifying that "premium" you all pay.
There is this little thing called "taste" that Mac users tend to have...
You certainly seem to be missing the point of it.
The most expensive part of any Apple product is the apple logo which does nothing but make certain people feel better about how they spent their money.
You certainly seem to be missing the point of it.
so you mean when someone brings out a PC that looks pretty you will buy one??
from my expierience mac users like macs cause they are pretty and they look nice on their desks. you proved the point with your tatse comment, mac users don't really care about anythign besides the fact it looks pretty
You certainly seem to be missing the point of it.
so you mean when someone brings out a PC that looks pretty you will buy one??
from my expierience mac users like macs cause they are pretty and they look nice on their desks. you proved the point with your tatse comment, mac users don't really care about anythign besides the fact it looks pretty
No. But the guy above basically said his computer was better because it had 'neons'. You interpreted that to mean 'pretty'. I said Mac users have 'taste' which is a different thing altogether.
Actually, you are wrong, Mac users tend to like computers that get the job done, not blind you with blue LEDs and Neons, and case windows, and, oh wait, I forgot what I was doing.
The most expensive part of any Apple product is the apple logo which does nothing but make certain people feel better about how they spent their money.
Steve Jobs Salary? He takes $1 a year thanks.
How much does Bill Gates get paid?
As for Vista, well i absolutely despise it, nothing about it impressed me, much prefer XP, but I am so suprised as to why Microsoft and Apple have put out 2 OS's that we're not ready for release, Leopard isn't as bad as Vista for the first batch of glitches, but come on, I would much rather wait for a final product than get something that isn't ready.
I am a Mac fan, was a PC guy for a while but I was never happy with my PC, but with the Mac I am.
BTW I would really like to see someone make a replica of a Mac for the same price you pay for a Mac, I know you can get the same components cheaper and build a regular PC cheaper, but for myself I much prefer the iMac, everything built into one, if you can duplicate my iMac 20" Intel Core 2 Duo 2.33, 2 gigs ram, 250 GB hard drive, for less than the $1300 I paid, in the same casing with bluetooth, and wireless N, please tell me how.
For the record, Leopard<Tiger, and Vista<XP.
but when it comes down to it, your a mac user and you want a pretty apple logo on your pretty case, you got an old imac case, i am sure i coudl build a nice PC into that for you
but when it comes down to it, your a mac user and you want a pretty apple logo on your pretty case, you got an old imac case, i am sure i coudl build a nice PC into that for you
Why do you care that you could build a 'better' PC for less money? I certainly do not.
What about driver compatibility? What about an easy expierence?
People who argue the point about building a better PC for less money are missing the point of Macs... They are easy to use, and dont require hours and hours of messing about to get the thing working.
i was goignt on the above comment which was "BTW I would really like to see someone make a replica of a Mac for the same price you pay for a Mac,"
read everyeons posts not just the ones you want to insult
as for driver compatibility, when i buy hardware i get a driver on a CD once i finish installig windows i insert the CD and run it, how easy is that???, if i like i can even go on the web and update it, seriously do you even understand drivers and windows, i have never had driver problems.
i can build a PC and have it up and running within an hour!!. as i said above you have no idea of installing windows, maybe you installed 98 years ago and compare all windwos to installig 98, i don't know but i HAVE installed OSX, and it aint a lot different. hell you select your options and let it run.
Last edited by whocares78 on 06 Nov 2007 - 23:54
C_Guy
Raid 0
Whocares78
We get it, you don't like OSX
Big deal, but why the great desire to push you're own opinion onto people who don't care about your opinion?
Move on, stop trolling and don't come crying when someone bashings Vista cause by your actions in here you're just making that more and more likely by being total and utter tospots
BTW, I'm not running Vista yet.
BTW, I'm not running Vista yet.
Sorry but you're trolling and bashing of them is just as bad as anything that they do. Take a look in the mirror.
BTW, I'm not running Vista yet.
Sorry but you're trolling and bashing of them is just as bad as anything that they do. Take a look in the mirror.
I did, you know what I saw? Someone who uses XP, Ubuntu and OS X, all on one 500 dollar PC. It's not my only one.. I have 4 PCs and one iMac... YES THAT'S RIGHT!!! I OWN A MAC! What do I use most? MY PCs, all four of them.
Try this on for size.. You're a mac user on a WINDOWS SITE... what does that make you? Go ahead, I'll wait while YOU look in the mirror.
BTW, I'm not running Vista yet.
Sorry but you're trolling and bashing of them is just as bad as anything that they do. Take a look in the mirror.
I did, you know what I saw? Someone who uses XP, Ubuntu and OS X, all on one 500 dollar PC. It's not my only one.. I have 4 PCs and one iMac... YES THAT'S RIGHT!!! I OWN A MAC! What do I use most? MY PCs, all four of them.
Try this on for size.. You're a mac user on a WINDOWS SITE... what does that make you? Go ahead, I'll wait while YOU look in the mirror.
Well, sorry to pee on your parade, but I also have computers that use OSX, Windows XP and Linux. Also I do recall that the contributors of this site described it as a technology site and not a windows site, maybe in the past it was but not anymore.
Atleast all my machines are legit, unlike you're continued boasting of runnign osx on a pc