Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It's not macOS firewall, but Apple's implementation of OpenBSD's pf used in Apple's macOS. Mullvad is clearly pointing at a bug in OpenBSD's "packet filter", mentioning that it's used in macOS.

Mullvad's article lacks proper wording and shits on the wrong target.



There isn't any mention of OpenBSD in the article. It says:

> a bug in the macOS firewall, packet filter (PF)

> We believe the firewall bugs must be fixed by Apple.

I don't see how you can interpret that as shitting on OpenBSD.


[flagged]


You're way off base and I can see you feel quite frustrated by what you perceive as a slight against OpenBSD. I know and have used "pf" in OpenBSD. Not once while reading the article did I think Mullvad were referring to pf as a technology as opposed to the macOS implementation of pf where the bug resides.


Unless there is an equivalent OpenBSD bug, why would it be their issue? Low level components often are patched by Apple to work with Xnu. If the same bug isn’t showing up in OpenBSD, it’s more likely Apple’s integration or a “feature” added by Apple.


> Unless there is an equivalent OpenBSD bug

Maybe there isn't such a huge intersection between BSD and Mullvad users? It would seem though that Mullvad might try to see if the problem narrows down to the BSD implementation, but that's hard to know if they haven't stated that explicitly.


Apple forked PF, but didn't change the name. Apple's fork of PF has a bug. The article only mentions Apple's fork.


Or maybe they're not shitting on anyone in particular and just trying to warn their MacOS users about a security issue?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: