Leopard firewall defaults to off as user convenience

The Baltimore Sun

In the process of recently reviewing the new Leopard operating system, I conducted an iChat video interview with Chris Bourdon, senior product line manager for Mac OS X. After going over Leopard's key new features, I asked him about a few issues that have arisen since the product's release.

On security: Many security experts have accused Apple of making security worse in Leopard, primarily by going with a new firewall and perplexingly turning that firewall off by default. The old firewall is still there, but deactivated.

"You do need to activate it," Bourdon said, explaining why it's turned off by default. "We think that's what people want. Firewalls can be intrusive for the average user."

Bourdon said Apple's firewall is better because it's application-based. Rather than allowing all applications to access an open port, as does the current firewall, Bourdon said the new one restricts access just to the application that requires it. The user can create a list of applications in the Security Preference Pane and designate for each app whether it should allow or deny incoming connections.

"It's much better, it's easier to configure and it's more powerful," he said.

I expect security experts will continue to attack Leopard as vulnerable, but that's nothing new. It is possible -- though unlikely -- that Apple expended resources to create a new firewall only to botch it so badly that it's worse than what it replaced.

I reserve the right to change my mind if any of my Leopard Macs are exploited.

On the expiration of the Boot Camp beta: When Apple released the Boot Camp software, it said it would expire upon Leopard's release. (Boot Camp is included in Leopard.) Some who have been using the beta version with Tiger have worried that their Windows partitions will no longer boot now that Leopard is here. Not so, Bourdon said.

Users will not be able to create new Windows partitions, he said, but existing ones will continue to function. If you want to make any changes, though, you will need to pony up for Leopard.

On the many cosmetic changes: It's hard not to notice all the new icons and how the iTunes interface has propagated across numerous Apple applications in Leopard, particularly the Finder. Bourdon said the reason for so many design changes in Leopard was partly to refine and improve them, but also to achieve "consistency across all applications."

Copyright © 2020, The Baltimore Sun, a Baltimore Sun Media Group publication | Place an Ad