Although Apple is selling its new Mac OS X Leopard operating system on its improved security, researchers at Heise Security have already found fault with its firewall. Unlike with Windows Vista, the Apple firewall is not enabled by default and must be enabled by the end user. Even if you had the firewall enabled in a previous version of the Mac OS X, after an upgrade to Leopard the firewall will again be set to "Allow all incoming connections." It will be disabled.
According to Jürgen Schmidt, editor in chief at Heise Security, if you enable the Apple firewall and set it to "Block all incoming connections," access from the Internet to certain internal system services will still be allowed. As an example, he said that his team was able to query the NetBIOS Naming Service over a Lan network even with full blocking enabled. The team was also unable to specifically enable UDP filtering within Leopard, which should block access to NetBIOS.
Schmidt also faulted Apple for not including the latest versions of open-source applications within Leopard. In August, Charles Miller of Independent Security Evaluators noted the same at the annual Black Hat conference in Las Vegas. The expectation over the summer had been that Leopard would include the most recent version of several open-source applications and protocols.
Within Leopard, Schmidt noted that Apple ships ntpd 4.2.2, while the latest version is 4.2.4, although he admits that it is unclear whether there are any exploitable vulnerabilities here.
That's not the case with Samba, a primary networking protocol. Over the summer Apple did update its Samba package, but not to the most recent version. Leopard ships with version 3.0.025b (same as Tiger). The more recent releases of Samaba, 3.0.25c and 3.0.26a, do include several known bug fixes so it is unclear why Apple did not update Samba within Leopard.
Apple has a longstanding policy about not commenting in public on issues regarding the security of its products.
I still wouldn't consider it anything to shy away from. 100 - 150 variants of a malicious code. thats almost laughable that a security firm thinks that number is a problem. How many thousands of variants are there of each windoze targeted malware?
Very sweet. Been doing some video editing with iMovie 08 and iDVD 08. Good fun. Got clips on DVD, dotmac and on the iPod, so my friend and relatives are never safe from home movies anymore. ) Got the Missing Manual so it doesn't look too bad, though.
Time Machine backups seem to have some issues now, like eating all my 250 gig hard drive space my 500 gig Lacie drive space as well. Maybe have to remove some aplications and files from being backed up. Anybody having any other glitches?
Quit backing up applications. Problem solved. iMovie '08 is pretty neat, but may have to upgrade to Final Cut Express of Pro before long. '08 keeps a lot of files on the disk after their use has past. Just gotta delete manually.