Apple Admits to ‘Misleading’ Firewall

Jimmy 2004 · Nov 16, 2007, 02:04 PM

Apple has admitted that the firewall in its new Leopard OS X may be misleading to users, after complaints that the “Block all incoming connections” setting was not all that it was made out to be.

Quote:

The ‘Block all incoming connections’ setting for the Application Firewall allows any process running as user “root” (UID 0) to receive incoming connections, and also allows mDNSResponder to receive connections. This could result in the unexpected exposure of network services.

As a result, the company has quickly released a patch to fix this issue, which also fixes a flaw that lets processes running as root through the firewall even if they are added to the list of blocked applications, and an issue which means an application needs to be restarted before changes in firewall settings will take affect for it.

Source: ZDNet.com

malware · Nov 16, 2007, 02:11 PM

Thanks wiak for this useful story.

newtekie1 · Nov 16, 2007, 02:21 PM

Apple misleading...Never...

FatForester · Nov 16, 2007, 04:33 PM

Silly Apple... ZoneAlarm FTW!

Ravenas · Nov 16, 2007, 10:32 PM

Quote:

Originally Posted by Jimmy 2004

Apple has admitted that the firewall in its new Leopard OS X may be misleading to users, after complaints that the “Block all incoming connections” setting was not all that it was made out to be.

As a result, the company has quickly released a patch to fix this issue, which also fixes a flaw that lets processes running as root through the firewall even if they are added to the list of blocked applications, and an issue which means an application needs to be restarted before changes in firewall settings will take affect for it.

Source: ZDNet.com

I think the title of this post is misleading. Your talking about a flaw/bug in a firewall. This is something Apple fixed after users began to notice this. Title should be changed to something more accurate.

b1lk1 · Nov 16, 2007, 11:45 PM

Quote:

Originally Posted by Ravenas

I think the title of this post is misleading. Your talking about a flaw/bug in a firewall. This is something Apple fixed after users began to notice this. Title should be changed to something more accurate.

Yeah, something like:

"Overpriced computer not nearly as safe as we are all expected to believe"

Ravenas · Nov 17, 2007, 12:27 AM

Quote:

Originally Posted by b1lk1

Yeah, something like:

"Overpriced computer not nearly as safe as we are all expected to believe"

You expected, not I

I've never suspected that any computer connected to the internet is safe

System Name:	Jimmy 2004's PC
Processor:	S754 AMD Athlon64 3200+ @ 2640MHz
Motherboard:	ASUS K8N
Cooling:	AC Freezer 64 Pro + Zalman VF1000 + 5x120mm Antec TriCool Case Fans
Memory:	1GB Kingston PC3200 (2x512MB)
Video Card:	Saphire 256MB X800 GTO @ 450MHz/560MHz (Core/Memory)
Hard Disk:	500GB Western Digital SATA II + 80GB Maxtor DiamondMax SATA
Optical Drive:	LiteOn DVD & NEC DVD+/-RW DL
CRT/LCD Model:	Digimate 17" TFT (1280x1024)
Case:	Antec P182
Sound Card:	Audigy 4 + Creative Inspire T7900 7.1 Speakers
PSU:	Corsair HX520W
Software:	Windows XP Home

Nov 16, 2007, 02:11 PM	#2
malware Eligible for custom title Join Date: Nov 2004 Location: Bulgaria Posts: 5,413 (1.74/day) Thanks: 78 Thanked 986 Times in 497 Posts System Specs	Thanks wiak for this useful story. __________________ techPоwerUp!

Processor:	Intel Core 2 Quad Q6600 G0 VID: 1.2125
Motherboard:	GIGABYTE GA-P35-DS3P rev.2.0
Cooling:	Thermalright Ultra-120 eXtreme + Noctua NF-S12 Fan
Memory:	4x1 GB PQI DDR2 PC2-6400
Video Card:	Colorful iGame Radeon HD 4890 1 GB GDDR5
Hard Disk:	2x 500 GB Seagate Barracuda 7200.11 32 MB RAID0
Optical Drive:	LITE-ON IT LH-20A1L 20x SATA DVD±RW LightScribe
CRT/LCD Model:	BenQ G2400W 24-inch WideScreen LCD
Case:	Cooler Master COSMOS RC-1000 (sold), Cooler Master HAF-932 (delivered)
Sound Card:	Creative X-Fi XtremeMusic + Logitech Z-5500 Digital THX
PSU:	Chieftec CFT-1000G-DF 1kW
Software:	Laptop: Lenovo 3000 N200 C2DT2310/3GB/120GB/GF7300/15.4"/Razer

Nov 16, 2007, 02:21 PM	#3
newtekie1 Semi-Retired Folder Join Date: Nov 2005 Location: Indiana Posts: 17,746 (6.48/day) Thanks: 780 Thanked 5,114 Times in 3,705 Posts System Specs	Apple misleading...Never... __________________ Rig1: System Specs. Rig2: A8-5600K@4.4GHz / AsRock FM2A75 Pro4 / 8GB Corsair DDR3-1600 9-9-9-24 / HD7560D / Samsung DVD-Burner / 1.5TB WD Green + 3x3TB WD RED in RAID5 Rig3: Athlon X2 4200+ / M4A79 Deluxe / 4GB G.Skill Pi DDR2-800 4-4-4-12 / GT430 / Sony DVD-Burner / 500GB WD Rig4: Phenom II x6 1605T @ 3.6GHz / Asus M5A99X Evo / 8GB PNY DDR3-1600 9-9-9 / GTX470 & GTX470 / Samsung DVD-Burner / 1.5TB Seagate

Processor:	Intel Core i7 875K@4.0GHz(200x20)
Motherboard:	eVGA P55 FTW 200
Cooling:	Thermalright Ultra-120 Extreme w/ Corsair SP120 High Performance Edition
Memory:	8GB Corsair DDR3-1600 7-7-7-20
Video Card:	ASUS GTX 670 4GB DirectCU II @ 1015/3600
Hard Disk:	1TB Seagate 7200.12(OS), 3x 1.5TB Seagate 7200.11 in RAID 5
Optical Drive:	Lite-On Blu-Ray Combo Drive IHES108
CRT/LCD Model:	HP 25" 2509m 1080p LCD
Case:	Lian-Li Lancool Metal Boned K7 w/ Windowed Side Panel
Sound Card:	Onboard is good enough for me
PSU:	Corsair HX850
Software:	Windows 7 x64 Professional

Nov 16, 2007, 04:33 PM	#4
FatForester Join Date: Mar 2007 Posts: 937 (0.41/day) Thanks: 94 Thanked 155 Times in 139 Posts System Specs	Silly Apple... ZoneAlarm FTW!

Processor:	Intel e2180 2.0ghz @ 2.8ghz w/ stock volts
Motherboard:	ASUS P5K-e Wifi-AP
Cooling:	Zalman 9500 w/ AS5
Memory:	G.Skill Black PI's DDR2 @ 896MHz 4-4-4-12 1.9v
Video Card:	EVGA 8800GT w/ Zalman VF-900
Hard Disk:	2x Crucial C300 64GB, Samsung F3 2TB & 1TB, F1 1TB & 750GB
Optical Drive:	Samsung SH-223F DVD-RW
CRT/LCD Model:	ASUS VW246H 24" 16:9
Case:	Ultra / Chieftec Black Tower
Sound Card:	X-fi XtremeMusic -> Z-5300e's
PSU:	PCP&C 610 Silencer
Software:	Windows 7 x64

System Name:	AM3+
Processor:	AMD FX-4170 Zambezi 4.2GHz (4.3GHz Turbo) Socket AM3+ 125W Quad-Core Desktop Processor FD4170FRGUBOX
Motherboard:	MSI 990FXA-GD80 AM3+ AMD 990FX SATA 6Gb/s USB 3.0 ATX AMD Motherboard
Memory:	Corsair XMS3 16 GB 1333 MHz PC3-10666 240-Pin DDR3
Video Card:	XFX AMD Radeon HD 6870 3D-Ready Graphics Card (HD-687A-ZHFC)
Hard Disk:	Western Digital Caviar Blue 500 GB SATA III 7200 RPM 16 MB Cache Bulk/OEM Desktop Hard Drive - WD500
Optical Drive:	Sony AD-7280S-0B 24x SATA Internal DVD+/-RW Drive (Black)
CRT/LCD Model:	Acer S211HL bd 21.5-Inch Widescreen Ultra-Slim LED Display - Black
Case:	COOLER MASTER Elite 335 Upgraded RC-335U-KKN1 Black Steel / Plastic ATX Mid Tower Computer Case
PSU:	Cooler Master GX - 650W 80 PLUS Bronze Power Supply (RS650-ACAAD3-US)
Software:	Windows 8 Professional

System Name:	Money pit
Processor:	Q2Q Q8300
Motherboard:	ASUS P5E3 deluxe WIFI AP@N
Cooling:	120.2/Swiftech655/Apogee GT/DD Fillport & res
Memory:	OCZ PC3-1333MHZ 2X1GB/Kingston HYPERX PC3-1325MHz
Video Card:	Sapphire HD4830
Hard Disk:	Seagate 7200.11 1TB
Optical Drive:	ASUS DVD Burner
CRT/LCD Model:	Dell 2209WA
Case:	some crap 5 year old generic modded case
Sound Card:	X-FI fagtality
PSU:	PC P&C 510W
Software:	Vista Premium 64

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)