“For starters, Wardle pointed out that while macOS does have a built-in firewall, its effectiveness is limited because it only blocks and monitors incoming connections; there’s no processing of outgoing connections, he points out,” Spring reports. “‘That means if a piece of malware does get on your system in some way, even if your Mac firewall is on, it’s not going to filter or block that (outbound) connection,’ Wardle said.”
“Those shortcomings put the spotlight on third-party macOS firewall solutions,” Spring reports. “But, even with those, Wardle uncovered problems. During his talk, Wardle showed that it’s fairly trivial to bypass these firewall products.”
Read more in the full article here.
MacDailyNews Note: As Spring reports, in an effort to encourage development of better host-based macOS firewalls, Wardle released the open-source LuLu firewall earlier this year. The code is hosted on GitHub and he hopes it will be serve as a starting point for more robust macOS firewalls in the future. More info here.