1. Forum
  2. Usenet
  3. ALT.COMP.OS.WINDOWS-10

  • Security Bite: macOS Sequoia's firewall is disrupting security tools, a

    From Lother@21:1/5 to All on Fri Sep 20 03:34:18 2024
    XPost: comp.sys.mac.advocacy, comp.os.linux.advocacy, talk.politics.guns
    XPost: sac.politics

    If it wasn't for stupid people, Apple wouldn't have a market.

    On Monday, Apple released its latest iteration of Mac’s operating system,
    macOS Sequoia. The new update introduced tighter control over app
    permissions and an overhaul to Gatekeeper, among other features. However, according to TechCrunch, it now appears to be disrupting security tools
    made by CrowdStrike, SentinelOne, and Microsoft. Social media users are
    also reporting connection failures with third-party VPNs.

    Details are sparse at the moment, but a possible source of the issues is Sequoia’s current firewall. This is useful for managing connections on untrusted networks. If you’re an everyday user and not a security nut or
    part of an enterprise team, your firewall is likely already off. This is
    the default on Mac, as most users are on trusted networks anyway (Apple’s
    way of balancing usability and security).

    Many experts have noticed that turning off the firewall fixes the
    disruptions to any network-based tools. However, if the firewall is
    already enabled to begin with, you probably wouldn’t want to do this.

    Patrick Wardle, a long-time iOS and Mac security expert and founder of the Objective-See Foundation, expressed his frustration, noting that Apple’s
    lack of thorough testing is to blame.

    “As a developer of macOS security tools, its incredibly frustrating to
    time and time again have to deal with (understandably) upset users (understandably) blaming your tools for breaking their Macs, when in
    reality it was Apple’s fault all along,” Wardle told 9to5Mac.

    “Déjà vu?! Did Apple *again* release a new OS that *again* breaks 3rd-
    party security tools?” he added in a posted on his LinkedIn in reference
    to a bug two years ago in MacOS Ventura that caused similar problems.
    “Root cause appears to either be macOS firewall itself, or the lower-level networking extension subsystem that is “corrupting packets” or other “unintentional changes” to network structures.”

    Other security-focused communities are sharing similar concerns.
    Vulnerability researcher Will Dormann shared in a blog post that DNS
    requests over a network are blocked by macOS Sequoia when the firewall is
    set to “Block incoming connections,” which unexpectedly includes DNS
    responses. This issue did not exist in previous macOS versions, and it
    seems to be a bug in the current firewall. “Any response to a request that
    I initiate should be allowed in.”

    Dormann also noted that another problem is that Sequoia’s firewall GUI is
    not synced correctly with the actual firewall rules, making it difficult
    for users to adjust or modify settings, especially for those using older
    Macs.

    This would undoubtedly cause issues connecting to third-party VPNs. I’m currently having issues connecting with Windscribe on macOS Sequoia. Other members of 9to5Mac have no problems with Nord VPN. What about you?

    MacOS 15 total fail in networking. VPNs not working anymore or something
    they disconnect without any reason, VMs are not working anymore using
    Shared Networking (@UTMapp). Sometimes DHCP is simply refusing to provide
    IP

    — Alex Kleber a.k.a Privacy 1st (@privacyis1st) September 19, 2024
    If you’re a user of Crowdstrike, it appears Apple has already confirmed
    the networking issues happening. Hopefully a fix is in the works ?? and
    coming soon.

    https://9to5mac.com/2024/09/19/security-bite-macos-sequoias-filewall-is- disrupting-security-tools-and-more/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)