OS X Leopard Firewall Flawed

cycoj writes with a report in the German IT magazine Heise, taking a look at the new OS X Leopard firewall. They find it flawed. When setting access to specific services and programs to only allow SSH access, for example, they found that a manually started service was still accessible. From the article: "So the first step after starting Leopard should be to activate the firewall. The obvious choice to do so is the option to 'Set access to specific services and programs,' which promises more control over network traffic. Mac OS X automatically enters all shared resources set up by the user, such as 'Remote login' for SSH servers, into the list of accessible resources... However, initial functional testing quickly dispels any feeling of improved security. A service started for testing purposes was able to be addressed from outside without any difficulty. The firewall records this occurrence... Even with the firewall set to 'Block all incoming connections' ports to netbios, ntp and other services were still open... Specifically these results mean that users can't rely on the firewall."

Re:and now for something completely different...

[Cally]

Flawed? So what's the nature of this flaw? Well, it doesn't really, well, work. Not as such. Not as such. Yeah, we've heard there's some BSD firewalls already out there, and apparently some of them are supposed to be pretty secure, but... hell, we don't need firewalls, this is a Mac! And, as the strip "Osama Bin Laden's Computer Nightmare" in the latest issue of Viz so perspicaciously pointed out, Macs can't get viruses.