Sunday, November 11, 2007

Leopard's Firewall is Vulnerable

After releasing its latest operating system named Leopard, Apple is suffering from a very bad security vulnerability. This is about the type of firewall used in Leopard. There were reports that this firewall doesn’t blocks all the programs which are marked under block category. Infact, it doesn’t work even if it is set to block all incoming connections. If you are new to Apple’s range of operating systems, please do not get confused by these names. Tiger was the name of previous version of Mac OS X and Leopard is the one which was released last month ie. Oct 26th. Tiger was named as Mac OS X 10.4 and Leopard as Mac OS X10.5 and here we are talking about Leopard.

There are speculations that the firewall program automatically turns off while installing this operating system or while upgrading from the previous version. The major flaw is that, even if the user selects the option to block all incoming connections, an attacker can enter the computer easily just by injecting a small code via worm. This will lead to giving full control of your PC to the attacker. However if you have the extra security built into your router or you are using your Mac in an organization which has a hard core firewall solution, then you don’t have to worry at all.


Rich Mogull a security analyst’s research about the firewall revealed the following outcomes. According to him, Leopard firewall has 3 options, one to block all incoming connections, second to allow all incoming connections and final to allow users to select the application level blocking facility. Another facility allows user to enable stealth mode, in which the system will be on high security area wherein, the attacker cannot even see the machine when he/she scans the internet for a victim. But Mogull’s study revealed that none of these settings behave in their normal fashion. Even the high secure stealth mode works partially and if the user sets the application level settings, the applications starts behaving abnormally. Some of which are Skype service which gets killed automatically. Some games are not running as they do on other operating systems, Adobe creative suite users have also complained about the performance issue. The Photoshop issue which is not running properly or crashing at the time of launch. Some wireless network problems the bandwidth getting chocked while browsing.


So, don’t be in a confusion that your Leopard’s new sandboxing feature will protect your PC. I am sure Apple must be more worried than us, and very soon you will see a security patch to overcome this hurdle.

No comments:

 
©2009 Technical Herald

The articles are copyrighted to Virasat Khan and can only be reproduced given the author's permission