Leopard’s Spots: The Firewall Debacle
As of today it’s been a week since the (in)Famous Heise article was published online that slammed the then-newly-released MacOS X Leopard firewall. The initial article in German was translated to English and the translation has been blamed for at least part of the the problem, but the Heise article made some very damning commentary about what turns out to be relatively minor issues.
Yes, the firewall in Leopard is turned off by default. This is easily remedied. Yes, when you do enable the firewall in Leopard and set it to “Block all incoming connections” it still allows all UDP traffic. This too is easily fixed. (Edit: This seems to be a bigger problem now. See later posts!)
A great anonymous blog turned up in the wake of the Heise article that refuted many of the items in detail, but even as the original article turned out to be much ado about nothing, it skyrocketed to the top of a ton of link aggregation sites including Digg, Slashdot, and basically every Mac Blog.
A simple search on Google now shows more than 475,000 hits related to the Heise article. Whether the ultimate facts were true or not, one fact is irrefutable: Heise got a ton of publicity from the ordeal.