“The macOS 14 Sonoma betas and release candidate contain a bug that causes the firewall to not filter traffic correctly. As a result, our app does not work.” More…
Wow, sounds like a huge bug in the macOS firewall. I wonder if third party firewalls are also affected?
It's such a huge bug I'm thinking of going back to Windows. Hold on, reality check, no I'm staying with macOS lol.
I don't see what this has to do with Windows. No matter what your plans are, it's still a huge hole for people that rely on the macOS firewall to keep them safe. And no, your router won't block outgoing connections from the apps (and malware) that you run. But as I said before, hopefully third party firewalls aren't affected.
I just don't think this is such a big deal. I only upgraded this morning, I think I will be fine. My point was that whatever holes are in macOS, they are paltry compared to the holes in anything from MS.
I think I might have misunderstood what this bug is about. Perhaps it's more related to VPN's, and not so much about the firewall not being able to block outgoing connections. So this means it's mostly a problem for VPN users, see link. And yes Windows has more holes, but only one hole is enough to hack a system as seen in recent attacks on iOS and macOS. Apple had to fix 16 zero days this year, I'm sure you read about that. So if you're a Mac user, and your targeted, you're probably toast because of the lack of good anti-exploit tools on the macOS. https://restoreprivacy.com/critical-firewall-flaw-macos-14-sonomoa-exposes-vpn-traffic/
Correct, it has been fixed, see first link. But apparently it's the second time that Apple messed up, see second link. https://mullvad.net/nl/blog/2023/9/22/macos-14-sonoma-firewall-bug-fixed/ https://mullvad.net/en/blog/2020/11/16/big-no-big-sur-mullvad-disallows-apple-apps-bypass-firewall/
I think that 16 zero days that were actively being exploited in 2023 alone, is quite a lot of for Apple who has always had this image of being way more secure. Of course normal home users will probably not be targeted, it's more about journalists, politicians, activists or even crypto traders. But to answer your question, this is from a 2022 report made by Mandiant: But in the end it comes down to using good endpoint security tools. On iOS it's virtually impossible to protect against exploits by third party tools, so the only thing you can do is to use Lockdown Mode, which you can also use on macOS, but this will break functionality. I would like to see more advanced behavior blocking tools on macOS though.
I'd say that's not too bad of a batting average for Apple (second time messed up and fixed) compared to all of Microsoft's mess ups.
Well, it IS pretty bad, because I don't recall MS ever messing up the Windows Firewall in the last 10+ years. The firewall is one of the most important things when it comes to protecting against info-stealers and as you can see, VPN's rely on it too in order to protect users privacy. I believe most Windows users feel pretty safe too. But like I said, 16 zero days for iOS/macOS who have a market share of about 30% and 15% respectively, compared to a marketshare of about 75% from Windows, is pretty much. And BTW, iOS and macOS share the same codebase, so that's why most of the time the same security bugs affect them both.
I don't even use a firewall in Ubuntu. I'm not sure whether the firewall on my MBA is activated or not. I wouldn't even sit next to a Windows machine if it didn't have a firewall. THAT'S the difference.
My Firewall was off by default when I bought my Mac in 2016 running El Capitan. I turned it on after I bought it and it's still on. Windows may have not messed up their Firewall, but there are a lot of other updates they messed up. @Daveski17 even started a thread in 2014 about it. https://www.wilderssecurity.com/threads/bork-tuesday-any-problems-yet.370217/ WoW a lot of pages in that thread. Hmm, I don't see any Bork threads for the Mac.
I might have a butcher's hook at the Mac firewall. One day. I still can't believe that the Bork Tuesday thread is still going. Windows updates were just plain scary, it was like playing Russian roulette, with a semi -automatic! Apple updates seem fine for me, Linux updating is little and often, and equally non-problematical usually. I think with macOS and Ubuntu I'm more or less covered for what I need. I can never see me returning to MickeySoft.
The default setting for the macOS firewall has been “Inactive” for a long time, and I believe it still is in Sonoma. Users must remember that the macOS firewall is for incoming protections only. Although many browser protection extensions are available, owners/clients should carefully consider the use of a third-party firewall app such as Little Snitch, LuLu, and others for services protection. HTH
Is this for real? So it's not blocking outgoing connections? And that's what people like ProTruckDriver and Daveski17 don't understand. Because these firewalls bugs that Apple introduced in macOS, may even interfere with the correct working of third party firewalls. Instead of being outraged, they are much too busy pointing fingers at Windows, which has nothing to do with this thread, this speaks volumes.
When macOS users install 3rd party firewalls, they soon understand the need for a training period of a few weeks at most. Thereafter, many users will forget they even have the extra protection. As for additional & effective protections for macOS users, much has been posted here and by the knowledgeable in other sources. Going back to the original reason I started this alerting thread, Mullvad fixed their browser's problem (Bug 42123) with the release of their version 12.5.5 on 26-September-2023. For those macOS 14 Sonoma users with the Mullvad browser installed, those Macs would do well updated to version 13.0 of the browser. HTH
To clarify, I was trying to say that I personally find these two bugs in macOS way more concerning than the usual privilige escalation bugs found in Windows. Because it even affected thrid party firewalls.
