Leopard's Firewall Criticized

A security research firm is criticizing Leopard's security, namely the new system's firewall.

Heise Security was highly critical of the firewall and declared that it failed every test. The tests centered on Apple's default configuration and on whether the firewall was configured correctly in response to user input.

[Leopard's firewall] is not activated by default and, even when activated, it does not behave as expected. Network connections to non-authorised services can still be established and even under the most restrictive setting, "Block all incoming connections," it allows access to system services from the internet.

The company does acknowledge that the system services it communicated with in its tests did not seem immediately exploitable (though one, ntpd, was out of date). However, the company advises that Apple address the issues and that users beware of the shortcomings.

Apple has been touting security as one of Leopard's many features.