Showing posts with label Mac OS X. Show all posts

2008-06-10

Mac OS X 10.6 Snow Leopard

Unless you've been living under a rock the last few days, you probably know Apple just (briefly) announced the next version of OS X, calling it 10.6 Snow Leopard.

In a break with past releases and announcements, they have said they are not focusing on "features". The press release says:

Rather than focusing primarily on new features, Snow Leopard will enhance the performance of OS X, set a new standard for quality, and lay the foundation for future OS X innovation.
...
In our continued effort to deliver the best user experience, we hit the pause button on new features to focus on perfecting the world's most advanced operating system.
While Apple says they are not working on features, it seems more accurate to say they are not working on too many user features.


Foundation
In past releases, OS X has been in a state of flux with important APIs changing or being replaced. This has made OS X a bit of a moving target for developers. It appears with OS X 10.5 Leopard and OS X 10.6 Snow Leopard, Apple is attempting to settle things down now that they have things close to where they want them. New APIs will surely be added and changes will be made, but it seems likely they will avoid the wholesale changes of the past.


Grand Central (Multi-Core CPU Utilization)
OS X has always been multiprocessor aware, but Apple seems to be reacting to the CPU industry's effort to focus on multiple cores instead of individual processor clock speed. Now that the GHz Wars have all but ended, the efficient use of multiple processors and multiple cores is the primary method to improve performance.

If Apple has made the process of programming for and utilizing multiple processors easier to implement (or nearly automatic), this will be a huge deal and a major advantage. If they have created methods to more efficiently use multiple processors at an OS level, this will be nice (especially if they are rewriting OS X to be more reentrant allowing multiple "in flight" OS calls).

NY Times Article and Interview with Steve Jobs
“The way the processor industry is going is to add more and more cores, but nobody knows how to program those things,” he said. “I mean, two, yeah; four, not really; eight, forget it.”

Apple, he claimed, has made a parallel-programming breakthrough.

OpenCL (GPU Utilization)
It appears Apple is pushing a new, open standard to allow general purpose use of the GPU. If Apple can make general use of the fast GPUs sitting idle much of the time, this will be a major performance enhancement. If they can make this GPU utilization mostly automatic for the everyday developer, it could be a significant coup.

It will be interesting to see if this has anything to do with LLVM for which Apple has long been suspected of having a special use. They are already using it in OpenGL.

CNET Article and Interview with Nvidia's CEO
"Apple knows a lot about CUDA," Huang said, implying the company might be ready to formally embrace Nvidia's technology to make it easier to exploit graphics chips inside Macs. Apple's implementation "won't be called CUDA, but it will be called something else," Huang said in an interview here at Nvidia's headquarters on Wednesday.
From the NYT
“Basically it lets you use graphics processors to do computation,” he (Jobs) said. “It’s way beyond what Nvidia or anyone else has, and it’s really simple.”

64 Bit
This is a no-brainer for Apple. By using a larger address space, they engage in some "future-proofing", while giving some RAM hungry apps some breathing room. Being able to address 16TB of physical RAM is nice now, but it will be an absolute requirement soon. As with hard drive space and closet space, more is better.


QuickTime X
Apple is learning from every project they implement. In creating the iPhone, they apparently worked to make QuickTime more efficient, and QuickTime X Mac (and Windows?) users will benefit from that.

It is fascinating to imagine if this might be interwoven with OpenCL. It seems generally like a good idea to offload audio and video media processing to the GPU when possible.

Apple's Press Release
Using media technology pioneered in OS X iPhone, Snow Leopard introduces QuickTime X, which optimizes support for modern audio and video formats resulting in extremely efficient media playback. (emphasis added)

Exchange 2007 Support
By adding Exchange support into OS X for use in Mail, Address Book, and Calendar, Apple will remove one of the single biggest obstacles to selling Macs into business and the enterprise in particular. It seems Apple realizes continued growth will require some level of business adoption, and this one feature will go a long way towards enabling those sales.


Mobile Me
"Exchange for the rest of us" is Apple's tag line for Mobile Me which will replace .Mac. This seems to largely apply to iPhone users, but the features will be nice for Mac (and Windows?) users too. Mobile Me will synchronize and give users access to their contacts and calendar along with their Mobile Me e-mail, all through a jazzy Web 2.0 JavaScript interface blurring the lines between local apps and web apps.


SquirrelFish (Javascript Engine)
The Webkit team has been working on a new, faster JavaScript engine for Safari called SquirrelFish. This will provide a major performance boost and runs the SunSpider benchmark 1.6 times faster.

Obviously, Apple's new Mobile Me platform and web sites in general will provide a better experience with a faster JavaScript engine. More of the application-like features of the web sites we all use require JavaScript, so this could be a big help.

2008-06-03

Mac OS X 10.5 Leopard: About the Application Firewall

Apple has updated the knowledgebase article on Mac OS X 10.5 (Leopard) firewall. This is the new, additional firewall referred to as an "application" firewall. Unlike ipfw, which works at the packet level, the new firewall works at the application level allowing or disallowing applications to receive packets.


Links to previous Geek Precis Articles:

2008-05-28

About the Mac OS X 10.5.3 Update


Apple has released the Mac OS X 10.5.3 update.  As usual, it is recommended for all users and has a gazillion fixes and patches.

2008-03-18

When Will Apple Require Code Signing in Mac OS X?

After reading Roughly Drafted's recent article on the iPhone SDK's code signing requirements, I began to think about how this might be applied to Mac OS X. Then, I remembered the new Application Firewall in Mac OS X 10.5 (Leopard).

Starting with 10.5, Mac OS X is able to differentiate between signed and unsigned applications and can provide different levels of access to each. This functionality is exposed now in the new application firewall. A related feature is obvious, when Leopard warns you the first time you run a downloaded application.

Here's Where Things Get Interesting
The same system of code signing used by Apple for the iPhone could be applied directly to the Mac too. And the same system of iTunes distribution could be used for the whole application or simply for purchasing and delivering license codes. Optionally, Apple's existing "Software Update" system could be used to deliver the actual application files.

What if Apple decided to take this next step in computer security to maintain its lead over Microsoft? They could implement a partially optional code signing system for Mac OS X. Signed apps would have full security privileges. Unsigned apps might generate a warning similar to a recently downloaded application until silenced. Or at the user's option, unsigned applications might not be allowed to run, or might be heavily restricted.

This would make it virtually impossible for trojans and most malware to get installed. And if the warning for unsigned apps repeated (say, daily, weekly, or monthly), it might effectively disable some malware simply by repeatedly asking for permission.

Apple can restrict the security privileges of their own software so that even exploits based on buffer overflows or other issues can be limited to specific security rights in a "sandbox". And a third party application's signature could limit it in the same manner.

I think this could be an elegant way to extend security without creating too much additional user inconvenience.



Leopard Application Firewall background here at Geek Precis:


Apple Links:

2008-03-04

A Fix for Slow WiFi 802.11 File Transfers under Mac OS X Leopard 10.5.2

While trying to transfer files from a wired iMac running 10.5.2 to a wireless MacBook Pro running 10.5.2, I ran into extremely slow transfers.

I was attempting to copy the free part of Nine Inch Nails' new album and decided to leave the slow transfer plodding along, while I researched the issue. It seems I was not the only one having this problem (Apple Support Discussion link).

It appears likely the problem has crept in with the 10.5.2 update, and it dramatically slows wireless transfers under some conditions. It seems to affect a variety of wireless Macs connecting through a variety of wireless router brands including Apple.

Based on some of the posts, it appears the problem is related to "silly window syndrome" which causes confusion with the normal packet acknowledgment process in TCP/IP. Due to this confusion (which may be caused by edge cases of transfer size and timing), both machines basically pause waiting for the other to say go. In the fast and furious world of TCP/IP, this shows itself as a dramatic slowdown in large transfers, while it may not be so noticeable in smaller transfers.

But there is a fix (or at least a workaround). You can change your Mac's delayed ACK setting from the default of 3 to 0 with the following Terminal command:

sysctl -w net.inet.tcp.delayed_ack=0

And you change it back to the default of 3 with:

sysctl -w net.inet.tcp.delayed_ack=3

Or you can simply check your existing setting with:

sysctl net.inet.tcp.delayed_ack

Note: You will likely need to preface any command changing these settings with "sudo" and enter your admin password to use your root account privileges.

Hopefully, Apple will roll out a more elegant and more permanent solution soon.



Additional Links:
Related Technical Paper
Script to make the ACK change on login
MacOSXHints

2008-03-02

Mac Backup Solutions

A while back, a friend of mine asked if I could help him recover his data and digital photos. His PC had had problems and the manufacturer's support team had recommended he use the "restore" disc that came with the PC. They said his data would be preserved, but it was not. He lost a great deal of important data and invaluable photos of children and family.

It convinced me I needed to become more serious about my own backups. While I have always maintained backups of my text and documents, digital photography and digital music have greatly increased the size of my own dataset. In working through the issues involved, I gathered a great deal of data I thought I would share.

Background
In the world of Mac backup solutions, I think most solutions differ in five generalized types of functionality:

Cloning vs. Snapshots
Solutions creating clones or duplicates help you maintain an exact copy of your most recent data. They do not help you maintain a history of snapshots or changes. By benefit of not keeping track of multiple versions of your files, they can be simpler and faster to deal with in a data loss situation. In short, if you have a clone of your disk, you can be back up and running quickly, in case of a disk failure. However, a clone probably will not help you find a file you deleted or changed a month ago.

A snapshotting solution will keep different time-based versions of your data. If you work on a single data file over the course of a month, a snapshot system will keep copies of different versions of that file at various points in its change history.

Onsite vs. Offsite/Internet
Onsite backups are stored at the same physical location as the original data. This is inherently dangerous. In case of a fire or flood, your backup would be lost along with the original data.

Offsite backups consist of backups stored at any location different than the location of the original data. At a bare minimum, it is desirable to move your backup away from your computer to help in case your equipment is stolen. At the other end of the offsite spectrum are enterprise backup solutions provided over the Internet. In that case, your data is likely stored far away in a secure and protected bunker.

The trade-offs are fairly clear: the closer your backup is, the easier it is to use or lose. Internet services are good for data protection, but your ability to get your data to them will be limited by your upload speed to the Internet.

Manual vs. Automatic
Some backup solutions are automatic and go about their business without any human intervention, and some do absolutely nothing until told to do so. As humans are generally the least reliable part of a backup system, automatic is usually better than manual.

Backup Medium
While I am assuming your original data resides on a hard disk or disks, your backup could be in many different formats. Some people make backups of their data to optical disc such as CD or DVD or to a flash key. Many modern backup systems backup to hard disks or tapes, and Internet solutions are "black boxes" in that you don't really know (or care) how they store your data (although it is likely stored on hard disks in a SAN environment).

Full Backups vs. Differential
Most backup programs will back up your data in one of two ways: 1) a full backup that is a new and complete backup of your data, or 2) a differential or incremental backup consisting only of data that has changed or been added since the last backup. A full backup can take longer to back up because it must back up all your data, whether it has changed recently or not. However, a differential backup can take longer and be more difficult when restoring data, because you need all the differential backups to have all of your data.

While everyone would like to be dealing with full backups in a recovery situation, datasets are becoming so large as to become impractical in some cases to make frequent full backups.

Solutions
SuperDuper!
SuperDuper is an excellent cloning application. It can automatically maintain a bootable backup of your boot disk and/or maintain clones of your data disks. This functionality can be invaluable, if downtime is your biggest fear. If you have maintained a bootable clone of your disk and have a failure, you could be back in business by simply booting from your clone.

It has recently been updated to v2.5 for Leopard (Mac OS X 10.5) and Time Machine compatibility. The basic functionality of manually cloning drives is free, and the full app is only US$27.95.

iBackup and rsync
"rsync" is an open source utility providing file synchronization on many platforms. It provides far too many features to mention, but it is mainly used for cloning of particular datasets/folders and keeping them up-to-date by only overwriting the files that have changed. This makes it very efficient.

iBackup expands on and provides a GUI to rsync. It allows you to use the GUI to select what files you want to sync and to schedule the synchronization to occur automatically. It is free for non-commercial use and relatively inexpensive for business use.

Time Machine and Time Capsule
Time Machine is Apple's new backup solution in Leopard Mac OS X 10.5 providing snapshot-style backups of your data to a separate disk on an automatic basis. Once you have activated it, it checks for changes every hour and archives those changes. As Apple's web site says, "Time Machine saves the hourly backups for the past 24 hours, daily backups for the past month, and weekly backups for everything older than a month."

Time Capsule is Apple's combination of an Airport Extreme Base Station and a hard drive. It provides storage and is available for use by Time Machine over your wired or wireless B, G, or N network. This allows you to use Time Machine to back up all the Macs on your network to one device, and it comes in Time Capsule (500GB) and Time Capsule (1TB) models.

ZFS
ZFS is Sun's open source file system which provides many useful features. I include it here, because it can provide many backup-like features, and Apple may be relying on it in future releases of Mac OS X. It can provide filesystem snapshotting and RAID features across different hard disks. Right now, it is probably too complex to use for most consumers.

While ZFS is not a backup solution per se, I have included it for completeness, and because it is interesting.

RAID
RAID is a redundant array of inexpensive disks. Various RAID configurations can be used to protect your data by redundantly storing it automatically on more than one disk during live use or used to speed data transfer by transferring data from more than one disk at a time during live use. Some RAID configurations offer a combination of increased speed and increased redundancy.

The most basic RAID configuration for our purposes is RAID 1 which consists of "mirroring" your data across two drives transparently. Basically, any time data is written to one disk it is also written to the other. If one disk fails, the other still has 100% of the data. This can be expensive, because two disks are holding data that would fit on one disk.

RAID is not really a backup solution, but the redundancy it can provide can improve your situation in case of a hardware failure.

.Mac Backup
Backup is Apple's (not very creatively) named backup program for .Mac subscribers. It can perform automatic differential backups to local disks, optical discs, and to your iDisk.

Mozy
Mozy is an online backup solution for PC and Mac users, and it is now owned by enterprise storage vendor, EMC. It is available for free for up to 2GB datasets and inexpensive for unlimited storage. In any case, Mozy will store your backup data going back 30 days. The Mozy client software allows you to select the files to be stored as well as a few other options.

As with any Internet-based service, Mozy will be limited by your Internet connection speed.

S3 and Jungle Disk
S3 is Amazon's Simple Storage Service, and it provides unlimited storage in a pay-as-you-go format. Once you have an account, Amazon will charge you a relatively small amount of money for the data you upload, download, or leave stored on their service. The storage is fairly free form, so it does not directly provide any backup features.

Jungle Disk is an application front-end for S3 and provides easy access to S3 features.

CrashPlan
CrashPlan is a slightly different animal. It is a software package that allows you to use another computer running CrashPlan software as a storage location. You and a friend could provide an agreed upon amount of backup space to each other, for example. It is a friend-to-friend (as opposed to anonymous P2P) solution providing offsite backup and working on Mac, Linux, and Windows platforms.


What are you using to backup your data?

2007-11-15

Leopard 10.5.1 Is Out With Security Fixes But Issues Remain

Apple has released Mac OS X 10.5.1 Leopard and has included numerous security fixes (as usual), but some issues remain. Download the update from Apple here.

All these fixes bode well showing Apple's quick response to issues raised by their users. I am still hopeful the application-based (socket) firewall will become a strong security asset to improve Mac OS X's reputation for security. Although I believe the traditional ipfw will need to play a role also.

I like the idea of a layered security approach where ipfw blocks things at a port and packet level, and Leopard's new socket firewall blocks things at an application level. (Of course a hardware firewall is still recommended for home network connections.) Combine this with a system that leaves unnecessary services off until needed and has few exploitable bugs, and you have a highly secure system with minimal inconvenience.


Fixed in 10.5.1

  • The firewall settings no longer refer to "Block all incoming connections", but call it more accurately "Allow only essential services". This should go a long way to fixing the confusion caused by mislabeling this setting.
  • When "Set access for specific services and applications" is selected in the application firewall, the setting now functions properly when setting "Block incoming connections" on root processes. Previously, root processes were always allowed.
  • Processes launched by launchd previously were not affected by firewall settings changes until they were restarted. This caused applications to be unexpectedly exposed, and this was especially noticeable when changing settings and testing as many security experts did.

Not Sure
  • From Apple's 10.5.1 Release Notes:
"Addresses a code signing issue; third-party applications can now run when included in the Application Firewall or when whitelisted in Parental Controls."

This may refer to fixes for applications like Skype, World of Warcraft, and other apps that do their own integrity check. We'll see how things develop.

Open Issues Remaining in 10.5.1
  • Processes running as root still are allowed to accept incoming connections, unless specifically blocked. This will continue to be a sore spot, as it leaves open the possibility of an exploit or Trojan running as root to go about its business unhindered. An important thing to consider: any process running as root could change any settings it wanted.
  • ipfw is still not active, as it is running with only one rule (65535 allow ip from any to any).
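
The single-rule state noted above can be checked mechanically. This is an added example, not code from the original post or from Apple: a shell function (the name ipfw_posture is hypothetical) that reads "ipfw list" output and reports whether the ruleset is effectively open. It assumes the plain "number action body" line format without packet counters, and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Classify an ipfw ruleset read from stdin (output of "ipfw list").
# ipfw is first-match, so rules are walked in order until a rule that
# matches every packet ("ip from any to any") decides the outcome.
#   open         - catch-all allow reached with no blocking rule before it
#   filtered     - catch-all allow reached, but earlier rules block some traffic
#   default-deny - catch-all deny reached; only earlier allows get through
#   unknown      - no catch-all rule found in the input
ipfw_posture() {
    awk '
        NF < 3 { next }    # ignore blank or malformed lines
        {
            action = $2
            # Rebuild the rule body after the number and action fields.
            body = $3
            for (i = 4; i <= NF; i++) body = body " " $i
            catch_all = (body == "ip from any to any" || body == "all from any to any")
            blocking = (action ~ /^(deny|drop|reject|reset)$/)
            allowing = (action ~ /^(allow|accept|pass|permit)$/)
            # A blocking rule with conditions narrows what later rules can admit.
            if (blocking && !catch_all) restrictions++
            if (catch_all && allowing) { verdict = restrictions ? "filtered" : "open"; exit }
            if (catch_all && blocking) { verdict = "default-deny"; exit }
        }
        END { print (verdict == "" ? "unknown" : verdict) }
    '
}

# Constructed sample: the single rule the post reports on Leopard.
leopard_default='65535 allow ip from any to any'

# Constructed sample: a hand-written ruleset with deny rules ahead of
# the default rule.
restrictive='02000 allow ip from any to any via lo*
02010 deny ip from 127.0.0.0/8 to any in
12190 deny tcp from any to any
65535 allow ip from any to any'

printf '%s\n' "$leopard_default" | ipfw_posture   # open
printf '%s\n' "$restrictive" | ipfw_posture       # filtered

# On a live system, feed it the real ruleset instead:
#   sudo ipfw list | ipfw_posture
```

A verdict of "open" means ipfw contributes no filtering, so the application firewall (and any hardware firewall) is the only layer in the path.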

Background
Apple Release Notes for 10.5.1
Apple Security Update Notes
Here at Geek Precis - initial, testing and analysis, and this article
Heise Security - initial, testing, and application signing
Securosis - investigation and good news
TidBITS
LeoFUD - initial FUD and code signing
Apple - firewall support docs and code signing





2007-11-07

A Summary of Leopard Firewall Issues

There are a handful of issues or problems with the new Leopard firewall. Here's the short version:

  • Ipfw is still available, but basically does nothing and has no graphical interface.
  • The interface and performance of the new firewall do not match. "Block All" does not block all.
  • Leopard uses executable signing to "authorize" network traffic to certain services and applications. The signature data appears to be added to the actual binary, and some apps do not like to have their binaries modified and fail to run after failing a checksum or hash check.
  • Apple has provided no information (that I'm aware of) to explain what is going on and why.

ipfw
The previous firewall is still installed and running. It just doesn't appear to be used for much. Anyone interested can still use it. I believe it is still operating at the port layer below the sockets layer, where the new application-based firewall appears to be running.


If desired, ipfw can still be configured via the terminal or a GUI utility such as WaterProof.


Leopard's New Firewall Performance
As you probably know, Leopard's new firewall does not do exactly what it says it is doing in the GUI. I discussed this previously and you can find additional details all over the Net.

When the new firewall says it is blocking everything, it is not. Certain "privileged" traffic is still allowed. This is cause for concern, because some future exploit might find a way to take advantage of this functionality to secretly allow traffic to/from itself. Only time will tell how secure this actually is.


Application Signing
In order to increase security, Apple has implemented application signing. Apple's applications are cryptographically signed, and 3rd party ISV's can sign theirs too. This is intended to ensure both the integrity and identity of applications.

Some applications do not like to have their executable changed and will fail if they detect this. Many online games do this check to prevent cheating, and Skype appears to do this also. There are reports that World of Warcraft and Skype both fail, due to this modification of their binaries.


Apple Has Provided No Information
As far as I can tell, Apple has not had anything to say about the analysis and FUD flying around the Internet. Hopefully, they will explain things and maybe make some of the changes I've previously suggested.

Update: it appears Apple has posted some explanation confirming that ipfw is still running below the new firewall (via Securosis).


Background
Here at Geek Precis - initial, testing and analysis, and this article
Heise Security - initial, testing, and application signing
Securosis - investigation and good news
TidBITS
LeoFUD - initial FUD and code signing
Apple - firewall support docs and code signing





2007-11-05

Good Leopard Reviews


My previous list of reviews is here.

2007-11-03

Leopard Firewall - Testing Analysis and Speculation

Click Here for an Updated Summary of Leopard Firewall Issues Here at Geek Precis

After all the discussion on the web concerning Leopard's new firewall, I wanted to do some testing in an attempt to better understand what was happening. I've divided my results and the related discussion into sections for easy digestion.

Summary
Apple has made significant changes to how the firewall functions in Mac OS X 10.5 (Leopard). In an apparent attempt to tightly integrate the firewall with their applications and services of their new OS, they have added a proprietary firewall to provide different/additional functionality and flexibility. The previous firewall (ipfw) is still there and running, but not really doing anything by default.

I think things are not as bad as some articles have made it seem, but I think Apple should make some changes to fix both the perception and the reality.


Background


More Good Links


How Leopard's Firewall Performs
After reading everything I could find, I did some testing of my own. Here's what I found:


I started with a few basic services (File Sharing, Printer Sharing, and Remote Login) turned on in the Sharing preference pane. After testing that basic configuration, I turned everything off in the Sharing pane and disabled the sharing activated by my iLife applications to see how the firewall would respond with no user selected sharing active.

Leopard's new firewall does a few things that might be expected and a few that might be considered unexpected:

Expected
  • Allows any traffic associated with active shared resources (as determined by the Sharing Preference Panel). This is what previous versions of Mac OS X did by default.
  • Blocks traffic destined for various "random" ports.

Unexpected

  • The default firewall setting is to "Allow all".
  • Allows any traffic associated with (signed) applications that have sharing activated (as determined by individual application UI's).
  • Allows certain system traffic (Kerberos and NTP).

Basically, Leopard's firewall allows traffic associated with sharing that the user has selected in the usual way, allows traffic destined for "trusted" applications (if requested by the user in the application's interface), and allows traffic you will not find anywhere in the firewall interface.

Any shared services (e.g. file or printer sharing) the user has activated will be allowed access, unless the user manually deactivates that service share or manually blocks it in the firewall. And some services used by the system will accept traffic under almost any circumstances. This is odd, and I'm not yet sure what the intention is here.


What Apple Has Done
It appears to me Apple has added their own application-based firewall in a layer above the open source ipfw firewall (see below).


It looks like you can manually configure ipfw via the command prompt or use a GUI-based configuration utility (e.g. WaterProof) and restore the functionality that was previously exposed by the firewall portion of Tiger's Sharing pane. Ipfw is installed and running, but it appears to only have a single rule allowing any and all traffic. All the traffic allowed by ipfw would then pass to Apple's new firewall for further inspection. In a default configuration, Apple's firewall would be providing the only practical packet inspection and filtering; ipfw is there, but not really doing anything.


Why Apple Configured the Firewall This Way
I believe Apple decided ipfw did not provide the kind of flexibility and integration with their applications that they wanted in order to produce an elegant, user-friendly OS. They wanted a solution that was tightly integrated with the services and sharing provided by MacOS X 10.5 and Apple's applications.

In what I hope is NOT a return to the mistakes of the "old" Apple, they decided to create a new firewall from scratch rather than using well-developed and mature open source solutions like ipfw. In the past, Apple has chosen to take the proprietary (sometimes incompatible) path, and I fervently hope this is not a sign they are returning to that behavior.

I can understand Apple's desire to create a firewall configuration process that is easy to use for most non-geek users. The previous setup was easily understood by people with some networking knowledge, but fairly difficult to understand by non-techies. And it was often the case that 3rd-party configuration utilities and Apple's GUI were not compatible and could not work together without resetting the ipfw rules to match the configuration of the last UI used.

And I think there might be other justifications for this change including the sharing and services (e.g. Back to My Mac) Apple is offering and plans to offer, and a desire to integrate with some of Apple's new security features (i.e. sandboxing, application signing, and tagging downloaded applications). Apple is not likely to announce any plans that might use this new functionality, at least not before they are released.

But in the end, I think Apple has done themselves a disservice from a public relations perspective. Prior to this, Apple was universally praised for being more secure than its Windows competition. The news surrounding the firewall changes, while maybe overblown, is conspiring with the recent announcement of a Mac Trojan to make Mac OS X's security look weaker.

While the perception will likely last, only time will tell if the technical performance is better or worse than ipfw in previous versions of Mac OS X.


Recommendations
I recommend Apple do a few things to improve the situation:

  • First, Apple must get out on this story and explain in detail what has changed and why. Without doing this, it is too easy to speculate and create FUD. I cannot understand why they have not responded to the bad press during Leopard's launch.
  • Second, Apple should change the default behavior to set the firewall to "Block All Incoming". The user can then be notified if and when this setting needs to be changed.
After this they have a few options:
  1. Apple could re-implement their application-based firewall as a control layer that works with ipfw to make the necessary changes instead of using a separate, proprietary firewall.
  2. They could change the default rule in ipfw to block more incoming traffic that is not needed or wanted by any of the sharing features they appear to be so concerned about. At least this would close a few potential doors, while still allowing them to use their new firewall too.
  3. They could provide an "advanced" mode and UI returning the firewall behavior to the previous configuration relying on ipfw and disabling the new firewall layer. This would give the advanced user the control he or she wants, although it might disrupt some functionality in the areas of remote access and sharing.
What I do not believe is a good option is for Apple to leave things alone and/or not change anything.
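To make the trade-offs between these options concrete, here is a small Python model, added as an illustration and not Apple's or ipfw's code. It assumes an ordered, first-match-wins packet rule list with a permissive catch-all rule, plus a separate per-application allow list; all rule numbers, ports and program names are constructed.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    number: int              # evaluation order, lowest first
    action: str              # "allow" or "deny"
    proto: str               # "tcp", "udp", or "ip" for any protocol
    ports: Optional[range]   # None matches every destination port


@dataclass(frozen=True)
class Conn:
    proto: str
    port: int
    app: str                 # listening program; only a host-resident layer sees this


def packet_filter(rules, conn):
    """Ordered, first-match-wins evaluation; returns (action, rule number)."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.proto in ("ip", conn.proto) and (r.ports is None or conn.port in r.ports):
            return r.action, r.number
    raise LookupError("rule list has no catch-all rule")


def layered(rules, allowed_apps, conn):
    """Packet filter first; traffic it passes must also belong to an allowed app."""
    action, _ = packet_filter(rules, conn)
    if action == "deny":
        return "deny"
    return "allow" if conn.app in allowed_apps else "deny"


# Constructed rule sets. The permissive catch-all at 65535 is a modelling assumption.
OPEN_DEFAULT = [Rule(65535, "allow", "ip", None)]
TIGHTENED = [Rule(1000, "allow", "tcp", range(22, 23)),
             Rule(65534, "deny", "ip", None)] + OPEN_DEFAULT
ALLOWED_APPS = {"sshd", "iChat"}

# Constructed inbound attempts.
SSH = Conn("tcp", 22, "sshd")
UNKNOWN_22 = Conn("tcp", 22, "unknown-binary")   # same port, different program
CHAT = Conn("udp", 50000, "iChat")               # allowed app on a dynamic port
STRAY = Conn("tcp", 8080, "unknown-binary")

if __name__ == "__main__":
    for c in (SSH, UNKNOWN_22, CHAT, STRAY):
        print(c, packet_filter(TIGHTENED, c), layered(OPEN_DEFAULT, ALLOWED_APPS, c),
              layered(TIGHTENED, ALLOWED_APPS, c))
```

The port rule cannot tell the two port-22 listeners apart while the application layer can, and tightening the packet rules blocks the allowed application on its dynamic port, which is the sharing disruption option 3 warns about.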








2007-11-02

Leopard Benchmarks (more)

It appears Leopard benchmarks generally a bit slower on PPC and a touch faster on Intel only in 64-bit mode.

Here's a brief list of Leopard benchmarks from around the web:


Some individual's Leopard benchmark results from MacRumors:


Does anyone know of any other Leopard benchmarks posted? Leave a comment with your URL, and I'll add yours.

2007-10-30

Is Leopard's Firewall Insecure or Broken? Maybe not.

Click Here for a More Up-to-date Summary of Leopard Firewall Issues Here at Geek Precis

More in-depth post here at Geek Precis


Frightening Analysis of Leopard's Firewall

Discussion on Slashdot of the actual facts behind the story.

It boils down to a pair of misunderstandings: 1) the security analysts expect Leopard to follow the "traditional" model where the firewall is independent of the OS and related services, and 2) Apple chose to frame the UI with practically accurate, but technically inaccurate phrasing.

Honestly, it always struck me as the worst of both worlds to have a software firewall implemented to mimic an external hardware firewall in every way possible. I actually am excited about a software firewall taking advantage of the benefits of being software and being resident on the client. Hardware firewalls cannot "know" anything about the processes and services running on the client, but a software implementation can take full advantage of this data. This is a feature I always liked about other solutions like ZoneAlarm, even if I was bothered by their constant badgering and sometimes opaque interfaces to make changes after-the-fact.

Most users don't think in terms of TCP ports and ACLs, and this fact is a more serious security threat than most technical implementations. By making security hard to use and/or difficult to understand, many "solutions" make it less likely that security features will be used or used properly.

In this case, the security analysts fail to properly take into account the target market for the software firewall and how it will be used in the vast majority of cases. Apple touts Leopard's new application-based firewall and wants to give non-advanced users a way to control the security of their Mac. And it appears to do just that.

But Apple failed to understand how imprecise (technically inaccurate) language makes the system look bad. If the firewall is not actually closed, it shows some degree of poor judgment to say it is closed in the UI. Even if it is "closed" for all practical purposes for the vast majority of users.

In the end, I predict that Apple will release a patch (probably buried in 10.5.1 or 10.5.2) that changes the language in the UI and more obviously allows an advanced user to revert to a traditional firewall. I also predict the security analysts will not make as big a deal out of these changes, when they are made.

Next tempest in a teapot, please.




New Leopard Security Features Involved (from Apple's site)

Tagging Downloaded Applications
Protect yourself from potential threats. Any application downloaded to your Mac is tagged. Before it runs for the first time, the system asks for your consent — telling you when it was downloaded, what application was used to download it, and, if applicable, what URL it came from.

Signed Applications
Feel safe with your applications. A digital signature on an application verifies its identity and ensures its integrity. All applications shipped with Leopard are signed by Apple, and third-party software developers can also sign their applications.

Application-Based Firewall
Gain more control over the built-in firewall. Specify the behavior of specific applications to either allow or block incoming connections.

Sandboxing
Enjoy a higher level of protection. Sandboxing prevents hackers from hijacking applications to run their own code by making sure applications only do what they’re intended to do. It restricts an application’s file access, network access, and ability to launch other applications. Many Leopard applications — such as Bonjour, Quick Look, and the Spotlight indexer — are sandboxed so hackers can’t exploit them.
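The download tag described under "Tagging Downloaded Applications" is stored as the `com.apple.quarantine` extended attribute. The Python parser below is an added example, not code from Apple's page or this blog; it assumes the commonly observed semicolon-separated layout (hex flags, hex Unix timestamp, downloading agent, trailing identifier), and the sample values are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass
class QuarantineTag:
    flags: int        # opaque bit field, not interpreted here
    when: datetime    # time the tag was written, UTC
    agent: str        # application that performed the download
    extra: str        # trailing identifier field, kept opaque


def parse_quarantine(value: str) -> QuarantineTag:
    """Parse 'flags;hex_epoch;agent;extra' (assumed layout, see lead-in)."""
    parts = value.strip().split(";", 3)
    if len(parts) < 3:
        raise ValueError(f"expected at least 3 fields, got {len(parts)}")
    try:
        flags = int(parts[0], 16)
        when = datetime.fromtimestamp(int(parts[1], 16), tz=timezone.utc)
    except (ValueError, OverflowError, OSError) as exc:
        raise ValueError(f"bad flags or timestamp in {value!r}") from exc
    return QuarantineTag(flags, when, parts[2], parts[3] if len(parts) > 3 else "")


def triage(listing: dict) -> dict:
    """Sort {path: attribute value or None} into tagged / untagged / malformed."""
    report = {"tagged": {}, "untagged": [], "malformed": []}
    for path, value in sorted(listing.items()):
        if value is None:
            report["untagged"].append(path)
            continue
        try:
            report["tagged"][path] = parse_quarantine(value)
        except ValueError:
            report["malformed"].append(path)
    return report


# Constructed sample: values as `xattr -p com.apple.quarantine <file>` might print them.
SAMPLE = {
    "~/Downloads/Installer.dmg": "0000;4727b5c0;Safari;|com.apple.Safari",
    "~/Downloads/notes.txt": None,              # attribute absent
    "~/Downloads/tool.zip": "zz;nothex;Mail",   # corrupted value
}

if __name__ == "__main__":
    for path, tag in triage(SAMPLE)["tagged"].items():
        print(path, tag.when.isoformat(), tag.agent, hex(tag.flags))
```

In a review of a downloads folder, the untagged and malformed buckets are the ones worth a second look, since those files will not trigger the first-run consent prompt described above.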



Leopard Benchmarks

Ars Benchmarks Leopard

2007-10-29

Another Great Mac OS Review by ArsTechnica's John Siracusa

John Siracusa@ArsTechnica - Mac OS X 10.5 Leopard Review

I already included his review in my list of resources, but his articles are so good, I thought I should make a separate entry. Good stuff.

More In-depth Articles on Leopard from Prince McLean (Daniel Eran Dilger)

After some nice previews, AppleInsider's Prince McLean (aka Daniel Eran Dilger) has written some nice introductory articles on different portions of Leopard. Here's a quick list of the links:


Meet Your New Desktop


Mail and iCal

Address Book and iChat

Core Graphics and New UI

Developer Tools

Present and Future Value

2007-10-27

Leopard Resources - Great Places to Learn More About MacOS X 10.5

Here's a collection of links to various Leopard reviews and reference materials. I've tried to collect everything useful I have found about Mac OS X 10.5 in one place for easy use. Tell me if you know of any other good sources.

Reviews
John Siracusa@ArsTechnica
Information Week
Leo Laporte
Daring Fireball
MacWorld
MIT Technology Review
New York Times
PC Magazine
Engadget
USA Today
AppleInsider
Wall Street Journal
ComputerWorld
CNET


Screenshots
AppleInsider
ComputerWorld


Performance and Upgrades
Gizmodo - Old Hardware
Gizmodo - 10 Things to Know Before Upgrading


Glitches and Issues
Leopard Does Not Support Classic
TidBITS - FileMaker
AppleInsider - No Wireless Time Machine Backup


Apple's Links
300 New Leopard Features
Video Guided Tour


Books
The Mac OS X Leopard Book
Mac OS X Leopard: The Missing Manual
Mac OS X Leopard For Dummies (For Dummies (Computer/Tech))
Special Edition Using Mac OS X Leopard (Special Edition Using)
Mac OS X Leopard On Demand
Automator for Mac OS X 10.5 Leopard: Visual QuickStart Guide


My Blog Entries
Tagged with "Leopard"
More on Wide Area Bonjour
Leopard Feature of Interest - Wide Area Bonjour
AppleInsider In-depth Articles by Prince McLean (Daniel Eran Dilger)

2007-10-25

Leopard Does Not Support Classic

From ArsTechnica

I'm not sure how I feel about the death of Classic. I haven't used it in a loonnngggg time, but it has been nice to think I could if I needed it. And I hate to see a friend head off to the bit bucket. On the other hand, with Classic completely gone, maybe that will free up some resources both on the development side and on the OS side. I wonder how many Classic-related work-arounds and kludges can be jettisoned now.


