Leopard with chinks in its armour


MacBytes
Oct 30, 2007, 12:04 PM

Category: Mac OS X
Link: Leopard with chinks in its armour (http://www.macbytes.com/link.php?sid=20071030130402)
Description: none

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

vallette
Oct 30, 2007, 12:28 PM
From what I've seen the "researcher" doesn't understand the Leopard security model and consequently his claims aren't legit.

GorillaPaws
Oct 30, 2007, 12:57 PM
Out of curiosity, what would have been the downside of shipping Leopard with the firewall turned on as the default behavior? I'm sure Apple must have considered and rejected this idea at some point, and I'm curious to know what the advantages/disadvantages of those two options are.

By making it seem that Apple was just dumb and forgot to do this, the author really screws up the credibility of the piece. A more intelligent work of journalism would have analyzed the pros and cons of the decision and shown why Apple made the wrong call (if that's the angle the author is after).

reno
Oct 30, 2007, 01:14 PM
> From what I've seen the "researcher" doesn't understand the Leopard security model and consequently his claims aren't legit.

Could you please explain your statement further and go into detail as to why you think the author is wrong? Personally, he's got me a little nervous ...

vallette
Oct 30, 2007, 02:04 PM
> Could you please explain your statement further and go into detail as to why you think the author is wrong? Personally, he's got me a little nervous ...

There's a short discussion on /. concerning this buried in a thread on the Ars Technica Leopard review:
http://apple.slashdot.org/article.pl?sid=07/10/30/0134225&threshold=1 (near the top)

Here's the most relevant quote:

> The article is extremely myopic. It assumes that protection from incoming connections must be provided by filtering TCP ports.
>
> If they had actually tried so much as compiling an application they would have realized that Mac OS X shifts that security to controlling which applications can listen for incoming connections. Since this is something far more easily understood by users I would submit that this is a security improvement.
>
> Using ipfw or other firewalls as your main line of defense on a desktop machine is far inferior to providing actual control over which files can be applications. Now if there are holes in that security feature I'd like to hear about it.


Trust me, if the /. community isn't going crazy over this, it's a non-issue.

pgwalsh
Oct 30, 2007, 02:06 PM
> From what I've seen the "researcher" doesn't understand the Leopard security model and consequently his claims aren't legit.

Perhaps, but I'd like more control over applications and ports. In Leopard, how do I manually configure TCP and UDP ports for incoming and outgoing connections?

I may want to block specific applications from accessing the web. How can I do this in Leopard? Essentially I'd like Adium, Mail, Vienna, and a few others to have full access, but other than that I want to know what's trying to access the web.

vallette
Oct 30, 2007, 02:14 PM
> Perhaps, but I'd like more control over applications and ports. In Leopard, how do I manually configure TCP and UDP ports for incoming and outgoing connections?
>
> I may want to block specific applications from accessing the web. How can I do this in Leopard? Essentially I'd like Adium, Mail, Vienna, and a few others to have full access, but other than that I want to know what's trying to access the web.

I'm not a UNIX guru but I think it's something you'd do via ipfw.

flyinmac
Oct 30, 2007, 02:24 PM
We've been discussing this since yesterday here:

http://forums.macrumors.com/showthread.php?t=378066

pgwalsh
Oct 30, 2007, 02:44 PM
> I'm not a UNIX guru but I think it's something you'd do via ipfw.

Right, but I used to have some of that functionality in Tiger via the sharing preference.

vallette
Oct 30, 2007, 03:11 PM
> Right, but I used to have some of that functionality in Tiger via the sharing preference.

Not with any fine degree of control. This entire discussion is based on a faulty understanding of the Leopard version of the firewall. To the average end user nothing's really changed.

pgwalsh
Oct 30, 2007, 03:32 PM
> Not with any fine degree of control. This entire discussion is based on a faulty understanding of the Leopard version of the firewall. To the average end user nothing's really changed.

Yes, with some degree of control. I specify a range of ports to be blocked and then just have specific ones open.

So I just tried Transmission and it asked me if I wanted to allow it to have an inbound connection. However, I didn't respond and it automatically blocked it. That's pretty cool. So I'm guessing that it blocks ports until a specific application requests to use it and then allows based on user feedback.

Update: It also asked for an Admin password when you click "Always Allow."

vffikoncer
Nov 3, 2007, 07:55 AM
thanks so much...your info rocks!!

Belle-vue
Nov 3, 2007, 08:01 AM
How can I update my Mac from Mac OS X to Mac Leopard ... and which one is better, OS X or Leopard?

flyinmac
Nov 4, 2007, 12:04 PM
> How can I update my Mac from Mac OS X to Mac Leopard ... and which one is better, OS X or Leopard?

To clarify, OS X is every version of the Mac OS from version 10.0 through the current 10.5.0.

Leopard is simply a name used for marketing to identify the latest OS 10.5 version.

The last release of 10.4.0 through 10.4.10 was called "Tiger".

10.3.0 through 10.3.9 were called "Panther".

And, so on.

So, in short, OS X and Leopard are the same thing. It's just that "Leopard" is the latest version of OS X.

Older versions of OS X are OS X as well. Just different versions and with different marketing names.

As for which to get, it depends on your system. But, in general, I would go with whatever the latest version is that will run on your system.