Focus on Apple
Apple releases Mac OS X v10.5.1 with Application Firewall security updates Nov 15 2007 07:11PM
Todd Woodward (todd_woodward symantec com) (1 replies)
Application Firewall security updates Nov 15 2007 08:08PM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (4 replies)
Todd Woodward wrote:
> Apple today released Mac OS X v10.5.1 with Application Firewall updates which cover the following issues:
>
>
> * "Block all incoming connections" setting renamed to "Allow only essential services" to more "accurately [describe] the option"
>
What a nice WTF. This is a good example of what IMHO is Apple's wrong
tactics. There's *huge* difference between "block all incoming
connections" and "allow only essential services". Those are two
completely different things. :-)

And then, for the average user, the statement "allow only essential
services" is quite confusing. What are essential services? What if user
has no need for some of them, yet can't easily turn them off because
they're in the "essential" pack? What if someone really wants to disable
all incoming connections (say, lots of people that use just an DSL
connection, Mac and an USB printer)? If the setting has been *renamed*,
does that mean that there's actually no way to fully disable incoming
connections? Or is it still there somewhere?

Granted, you can still use ipfw to set up fine-grained firewall
policies, so you're not really stuck with Application Layer Firewall.
But, how many users know how to handle ipfw?

That's weird - while it is true that many users would like to have a
firewall that's easy to set up, denying them ability to completely lock
their computers is not something I would call good security practice.
Mixing descriptions, and having deceptive descriptions that don't
reflect the true status of the firewall - I can't see the point here.
Is this, like, being user-friendly?

P.S. Application Layer Firewall, AFAIK, doesn't filter out programs
running with superuser privileges. That calls for trouble.

[ reply ]
Re: Application Firewall security updates Nov 21 2007 03:00PM
Dave Piscitello (dave corecom com) (2 replies)
Re: Application Firewall security updates Nov 21 2007 09:27PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (3 replies)
Re: Application Firewall security updates Nov 22 2007 06:35PM
Derek Chesterfield (dez mac com)
Re: Application Firewall security updates Nov 22 2007 04:28PM
Bruce Carter (bcarter nd edu)
RE: Application Firewall security updates Nov 21 2007 10:43PM
Todd Woodward (todd_woodward symantec com)
Re: Application Firewall security updates Nov 21 2007 09:02PM
Chris Adams (chris improbable org)
Re: Application Firewall security updates Nov 16 2007 03:58AM
Mike Savory (mike_lists nzbox com)
RE: Application Firewall security updates Nov 15 2007 09:55PM
Todd Woodward (todd_woodward symantec com)
Re: Application Firewall security updates Nov 15 2007 09:51PM
Dave Schroeder (das doit wisc edu) (3 replies)
Re: Application Firewall security updates Nov 15 2007 11:36PM
Mark Senior (senatorfrog gmail com) (3 replies)
Re: Application Firewall security updates Nov 17 2007 02:54PM
Chris Pepper (pepper reppep com) (1 replies)
Re: Application Firewall security updates Nov 19 2007 12:59PM
Sandor Szücs (sszuecs zedat fu-berlin de)
Re: Application Firewall security updates Nov 16 2007 11:03AM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (2 replies)
Re: Application Firewall security updates Nov 16 2007 05:30PM
Mark Senior (senatorfrog gmail com)
Re: Application Firewall security updates Nov 16 2007 04:34PM
Derek Chesterfield (dez mac com) (1 replies)
Re: Application Firewall security updates Nov 17 2007 12:30AM
Mark Senior (senatorfrog gmail com)
Re: Application Firewall security updates Nov 16 2007 04:47AM
Derek Chesterfield (dez mac com) (2 replies)
Re: Application Firewall security updates Nov 16 2007 04:08PM
Scott Russell (ScottRussell nd edu)
Fwd: Application Firewall security updates Nov 16 2007 04:55AM
Derek Chesterfield (dez mac com)
Re: Application Firewall security updates Nov 15 2007 10:08PM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr)
Re: Application Firewall security updates Nov 15 2007 10:05PM
Dave Schroeder (das doit wisc edu)


 

Privacy Statement
Copyright 2010, SecurityFocus