Leopard's Firewall Does Not Work As Expected
Apple's new operating system, Mac OS X Leopard (10.5), which sold 2 million copies over its first weekend, is blasted for one more reason: its security level is nowhere what Apple has advertised. While the Mac maker claimed Leopard offers substantial security benefits over its successor, Tiger, tests by security experts proved that in fact there is no real improvement.

Heise Security tested Apple's last OS and found that the firewall configuration in the Mac OS X Leopard is unable to perform its task: sealing off local services to prevent access from potentially hostile networks, such as the internet or wireless networks.

Heise has found that Leopard's firewall apparently adds every process started by the user into the list of exceptions automatically. Also, several services, which did not appear listed in the firewall's exception list, were readily accessible from the network.

In fact, even when set on "Block all incoming connections," Leopard's firewall still allowed system services to be accessible from the Internet.

"At present, in order to block access to system services, users must either disconnect the network cable or fall back on the tried and tested BSD ipfw packet filter," wrote tester Jürgen Schmidt.

"The Mac OS X Leopard firewall failed every test. It is not activated by default and, even when activated, it does not behave as expected. Network connections to non-authorized services can still be established and even under the most restrictive setting, "Block all incoming connections," it allows access to system services from the internet," he concluded.

However, Mikko Hypponen, chief research officer at F-Secure, said to BBC: "Year after year, Macs continue to have these potential security problems. However, in practice they just don't seem to become real-world problems," he added. "The old wisdom still stands: if you want to avoid viruses and worms, get a Mac."

Meanwhile, the OSx86 Scene forum posted instructions to install Apple's Leopard, on a PC. The special install process unfortunately has some consequences, as features such as Wi-Fi support are disabled.

Among its advertised security improvements, Leopard records information about any program you download over the Internet and shows that info to you the first time you run it; and Apple added optional authenticity verification which verifies whether a program is unchanged since it was produced by its developer.

© 2007 - eFlux Media. All Rights Reserved.