Re: [Fed-Talk] Firewall
Re: [Fed-Talk] Firewall
- Subject: Re: [Fed-Talk] Firewall
- From: Michael <email@hidden>
- Date: Thu, 10 Apr 2008 13:06:53 -0400
again, you are getting confused between my statements about how the
GUI was
implemented and what the GUI actually did or did not do on the
backend.
Apple users need the ability to easily and quickly configure which
ports/protocols are explicitly being used. This can not be done with
10.5's
firewall GUI. In fact, with the 10.5 GUI you really have no idea what
actually is or is not allowed. this is bad security design.
My issue with the 10.4 vs. 10.5 GUI FW interface is that the purely
port/protocol GUI FW is a flawed approach because you are ignoring the
application aspect of the problem. If you ignore that issue my other
issue is that totally fixing the flaws in the 10.4 GUI FW
implementation would results in a complicated GUI because the problem
is complicated to start with. No existing GUI FW based on the port/
protocol approach is not complicated or flawed. The application based
GUI FW's I have seen are also complicated but that is not required.
The 10.5 GUI approach with simple modifications would do what you want
and not present the full complexity to the average user. Rather then
plain allow or deny incoming for a particular application you need the
third advanced choice for users who need to specify finer grain
control over an application.
The only way to get that change is to file with Apple clearly
explained feature requests with reasonable techniques to implement
those changes. When I requested that iPhoto be able to detect
duplicate photos I suggested an algorithm just in case the engineers
reading the request had no ideas.
Asking for the impossible gets you nothing, showing that the
impossible has already been done changes everything.
Michael
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden