If you’re one of the two million Mac users who’s now running Leopard as your OS, you might want to take a look at your firewall. According to an investigation by Heise Security, “a quick look at the firewall configuration in the Mac OS X Leopard shows that it is unable to do this. By default it is set to "Allow all incoming connections," i.e. it is deactivated. Worse still, a user who, for security purposes, has previously activated the firewall on his or her Mac will find that, after upgrading to Leopard, the system restarts with the firewall deactivated.” That’s definitely not good news for Leopard users. In the test, when the firewall was set to "Set access to specific services and programs" researchers found that a service started for testing purposes was able to be addressed from outside without any difficulty. Jürgen Schmidt, the tester at Heise, has speculated that, “It is conceivable that Apple intends that every process started by the user should be entered into the list of exceptions automatically. This would, however, also apply to a trojan, covertly setting up a backdoor on the system. Only Apple can explain what precisely is going on here.” The company tried the "Block all incoming connections" setting, but even with that the computer proved accessible. In conclusion, Schmidt said that the Leopard firewall failed every test be put to it, and “Apple is showing here a casual attitude with regard to security questions which strongly recalls that of Microsoft four years ago.”
