Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.5: Compare Time Machine backups to original drive' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.5: Compare Time Machine backups to original drive
Authored by: wfolta on Nov 23, '07 12:06:57PM
It looks like time machine is as phony as the new firewall: the box says "don't worry, we handle it !", and the truth is they don't, and you should worry.

First, the application firewall is a step forward in terms of usability. More users will be more secure with something that works as they expect: per-application/service permissions.

Second, the "phoney" was a miscommunication in terms of what the firewall was doing. It was more secure than initial investigators assumed, because they did not account for things like sandboxing of the "critical" services that could not be shut off. There was a bug where changes were not immediately reflected (running applications were not affected), but that was fixed in 10.5.1.

Third, the "critical" services that cannot be turned off in the firewall are sandboxed -- another new security feature in Leopard.

Fourth, 98% of Mac users do not understand ipfw rules or their implications. I've got a computer science degree, and it's still difficult to have a bullet-proof ipfw ruleset and it's easy to have things fail that then take elaborate debugging to fix. When security is burdensome, people turn it off, resulting in an overall lowering of security.

Fifth, ipfw is still included with Leopard and you can turn it on in addition to the application firewall. They work hand-in-hand.

[ Reply to This | # ]