With all the chatter out there, we really can’t avoid talking about Leopard’s new built-in firewall. As we’ve alluded to previously, we’ve been treading carefully in this area since we sell a firewall that’s much better than any that’s been built into Mac OS X to date. There, we said it. Really, it is. We hate to be immodest, but very few people would dispute this point and we would do you, our reader, a disservice if we didn’t bring it up. But of course we do sell our firewall, whereas the one built into Mac OS X is “free.”

With Leopard, Apple completely redesigned and rewrote the built-in firewall. Rather than basing it on “tried and true” concepts and models, Apple went into “innovation mode.” Apple’s innovations are usually quite excellent things like the iPhone, and we’d all (the whole world) be in sorry shape without many of them. Leopard’s firewall, however, does not yet fall in this category.

Apple’s goal with the Leopard firewall is a good one -- make it easier to use by changing the model from the traditional “ports and protocols” one to the simpler “applications” one. Easy-to-use security is usually good security. Long term, Apple’s goal has potential. Short term, it just hasn’t worked well at all. You of course would be rightly skeptical of our saying this, so the rest of this blog entry is simply links to primary sources (as opposed to the myriad publications echoing these sources) talking about Leopard’s built-in firewall.  The list starts with Apple’s own recent justifications, which understandably they felt a need for in light of all the other “opinions.” Better late than never, but things would have been a whole lot easier all around if these justifications had just been available the day Leopard shipped!

Mac OS X 10.5: About the Application Firewall - Apple Computer [there are some unfortunately too-technical terms and ramifications in this article that we’ll try to explain in the future]

Leopard Firewall Takes One Step Forward, Three Steps Back - TidBITS

Investigating the Leopard Firewall - Securosis.com

Mac OS X Leopard firewall breaks programs - Heise Security

Leopard with chinks in its armour - Heise Security