electro-music.com   Dedicated to experimental electro-acoustic
and electronic music
 
    Front Page  |  Radio
 |  Media  |  Forum  |  Wiki  |  Links
Forum with support of Syndicator RSS
 FAQFAQ   CalendarCalendar   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   LinksLinks
 RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in  Chat RoomChat Room 
 Forum index » Instruments and Equipment » OSX as a music workstation
What the.....? Where's the firewall gone?!?
Post new topic   Reply to topic Moderators: elektro80
Page 1 of 1 [17 Posts]
View unread posts
View new posts in the last week
Mark the topic unread :: View previous topic :: View next topic
Author Message
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Tue Nov 06, 2007 5:31 am    Post subject: What the.....? Where's the firewall gone?!? Reply with quote  Mark this post and the followings unread

Apparently the new Firewall in Leopard is totally crap Shocked
I've been watching this thread for a while, but things seem to be getting worse

http://discussions.apple.com/thread.jspa?threadID=1214322

http://www.itpro.co.uk/news/135237/leopard-fails-firewall-tests.html

and;

http://www.heise-security.co.uk/articles/98120

What do you guys think of this?

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Tue Nov 06, 2007 5:32 am    Post subject: Reply with quote  Mark this post and the followings unread

I mean, Apple don't really do themselves any favours Shocked Shocked
_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14

PostPosted: Tue Nov 06, 2007 5:53 am    Post subject: Reply with quote  Mark this post and the followings unread

Yup, well.. the new black box firewall is a bit odd. ipfw is still in there though. Why not use ipfw?

I have all my stuff behind standalone hardware FWs so I´m not too concerned. As for how big the real problem is, well.. at least I´d like to see the new firewall app wired a bit differently.

_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Tue Nov 06, 2007 6:02 am    Post subject: Reply with quote  Mark this post and the followings unread

Yes I think that's standard for most experienced users- I mean you are an IT technician right? I'm more worried about those who aren't. The beauty of the old system is that it was just there and on. Perhaps Apple are now thinking that most people have routers that have the built in Firewall?

more stuff;

http://www.matasano.com/log/986/what-weve-since-learned-about-leopard-security-features/

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14

PostPosted: Tue Nov 06, 2007 6:04 am    Post subject: Reply with quote  Mark this post and the followings unread

Still, you should read those pages again.. in more detail. There are some issues here, but ..

Tom, try this one: Mac Os X 10.5 Firewall =Tofu
Read it and pay attention. You´ll see why I´m too impressed by those other opinions.

Still, I´d like to see the new firewall wired a bit differently and with more pro options and shit.

_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14

PostPosted: Tue Nov 06, 2007 6:12 am    Post subject: Reply with quote  Mark this post and the followings unread

v-un-v wrote:

http://www.matasano.com/log/986/what-weve-since-learned-about-leopard-security-features/


Yes.. but hardly problematic. I think Seatbelt ( the sandbox thingie) in OS X is pretty cool. You understood what you read here?

_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Tue Nov 06, 2007 6:14 am    Post subject: Reply with quote  Mark this post and the followings unread

elektro80 wrote:

Read it and pay attention.

Laughing

That typeface is making me feel physically sick!! Shocked Laughing

But I get the meaning there. Apple have just released a security fix for Quicktime so I would imagine that all these scare stories are unfounded? I suppose I too was a little over impressed also.

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Tue Nov 06, 2007 6:15 am    Post subject: Reply with quote  Mark this post and the followings unread

elektro80 wrote:
You understood what you read here?


I think so. It relates more to the post that you just sent me?

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14

PostPosted: Tue Nov 06, 2007 6:17 am    Post subject: Reply with quote  Mark this post and the followings unread

What post? PM?

This one?

Female crotch enhancing article
Document Type and Number:
United States Patent 20040154079
http://www.freepatentsonline.com/20040154079.html
Shocked

_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14

PostPosted: Tue Nov 06, 2007 6:20 am    Post subject: Reply with quote  Mark this post and the followings unread

http://padilla.net/osx-10.5_firewall_test
_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Tue Nov 06, 2007 6:21 am    Post subject: Reply with quote  Mark this post and the followings unread

Laughing

No! Not That one OMG!!!!
Shocked Shocked Shocked Laughing

the last one up there ^^^

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
elektro80
Site Admin


Joined: Mar 25, 2003
Posts: 21959
Location: Norway
Audio files: 14

PostPosted: Tue Nov 06, 2007 6:26 am    Post subject: Reply with quote  Mark this post and the followings unread

elektro80 wrote:
http://padilla.net/osx-10.5_firewall_test



Quote:
I do think, however, that this offers some interesting data to counter the previous 'tests' and that anyone with a bit of network security knowledge can see that the situation is not nearly as dire as that painted by the other reviewer.

_________________
A Charity Pantomime in aid of Paranoid Schizophrenics descended into chaos yesterday when someone shouted, "He's behind you!"

MySpace
SoundCloud
Flickr
Back to top
View user's profile Send private message Visit poster's website
Kassen
Janitor
Janitor


Joined: Jul 06, 2004
Posts: 7678
Location: The Hague, NL
G2 patch files: 3

PostPosted: Tue Nov 06, 2007 6:28 am    Post subject: Reply with quote  Mark this post and the followings unread

I read about this on Slashdot a few days ago, looks very bad for the average Apple user, I think.

About that sandboxing thing; what surprised me most about that description was that apparently Apple thinks it's a good idea to let a chat program call arbitrary programs at will by default.

Lovely combination of factors.

_________________
Kassen
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Kassen
Janitor
Janitor


Joined: Jul 06, 2004
Posts: 7678
Location: The Hague, NL
G2 patch files: 3

PostPosted: Tue Nov 06, 2007 6:38 am    Post subject: Reply with quote  Mark this post and the followings unread

elektro80 wrote:

Quote:
I do think, however, that this offers some interesting data to counter the previous 'tests' and that anyone with a bit of network security knowledge can see that the situation is not nearly as dire as that painted by the other reviewer.


Hmmmmm, that doesn't cover out-bound traffic at all so this "firewall" still won't be of any help against keyboard sniffers and so on.

_________________
Kassen
Back to top
View user's profile Send private message Send e-mail Visit poster's website
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Tue Nov 06, 2007 6:57 am    Post subject: Reply with quote  Mark this post and the followings unread

The director of Internet security at Denver University reckons that this is all nonsense too. I suppose if he says this is nonsense, we better take his word for it. Confused
_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
v-un-v
Janitor
Janitor


Joined: May 16, 2005
Posts: 8933
Location: Birmingham, England, UK
Audio files: 11
G2 patch files: 1

PostPosted: Tue Nov 06, 2007 6:58 am    Post subject: Reply with quote  Mark this post and the followings unread

Kassen wrote:
elektro80 wrote:

Quote:
I do think, however, that this offers some interesting data to counter the previous 'tests' and that anyone with a bit of network security knowledge can see that the situation is not nearly as dire as that painted by the other reviewer.


Hmmmmm, that doesn't cover out-bound traffic at all so this "firewall" still won't be of any help against keyboard sniffers and so on.


I suppose if you are really paranoid, one can turn on FileVault?? Shocked

_________________
ACHTUNG!
ALLES TURISTEN UND NONTEKNISCHEN LOOKENPEEPERS!
DAS KOMPUTERMASCHINE IST NICHT FÜR DER GEFINGERPOKEN UND MITTENGRABEN! ODERWISE IST EASY TO SCHNAPPEN DER SPRINGENWERK, BLOWENFUSEN UND POPPENCORKEN MIT SPITZENSPARKSEN.
IST NICHT FÜR GEWERKEN BEI DUMMKOPFEN. DER RUBBERNECKEN SIGHTSEEREN KEEPEN DAS COTTONPICKEN HÄNDER IN DAS POCKETS MUSS.
ZO RELAXEN UND WATSCHEN DER BLINKENLICHTEN.
Back to top
View user's profile Send private message Send e-mail
Kassen
Janitor
Janitor


Joined: Jul 06, 2004
Posts: 7678
Location: The Hague, NL
G2 patch files: 3

PostPosted: Tue Nov 06, 2007 7:46 am    Post subject: Reply with quote  Mark this post and the followings unread

I'm not sure file vault will protect you if you encrypt your home dir and are logged in. If *you* can reach those files and your programs can then I would imagine so can a malicious program.

File Vault is probably good enough to keep your spouse/ children/ colleagues out of your data but I don't think it's a solution for the truly paranoid. If you are going to use File Vault I'd strongly suggest enabling encryption of the virtual memory because otherwise disk-recovery techniques set loose on your swap partition will possibly yield the files or the passwords anyway.

_________________
Kassen
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic Moderators: elektro80
Page 1 of 1 [17 Posts]
View unread posts
View new posts in the last week
Mark the topic unread :: View previous topic :: View next topic
 Forum index » Instruments and Equipment » OSX as a music workstation
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Forum with support of Syndicator RSS
Powered by phpBB © 2001, 2005 phpBB Group
Copyright © 2003 through 2009 by electro-music.com - Conditions Of Use