Lockdown mode or nothing?

Whickwithy wrote:

Am I missing something or are the choices lockdown mode or no protection?

Lockdown Mode is new, "extreme" protection (Apple's choice of words). What preceded it was presumably less... "extreme".

About Lockdown Mode - Apple Support

I certainly would not consider "less extreme" to be synonymous with "no protection". I would consider it... "normal".

Whickwithy wrote:

"Block all incoming connections" and "Enable Stealth Mode".

That is the application firewall. It has nothing to do with system security, other than security theatre. If you are concerned about security enough to try Lockdown mode, then you probably shouldn't be enabling any sharing services to begin with. But if you did have a need to enable sharing service, why turn on the firewall which blocks incoming connections? I know, it is a trick question because the default behaviour of the firewall actually permits all incoming connections. So what is the point of it again?

Firewalls are useful for people running servers on the internet. But for a Macintosh computer sold to a consumer user, the only benefit that the application firewall provides is giving people the impression that they have a firewall that they think they need. Otherwise, they are liable to install some 3rd party scam ware.

While all sites that I visit 'seem' to be working alight, the website looks quirky. Such as, the various icons don't show up. I had my settings set to very secure before and it did not mess up any sites.

Now, it seems the choices are lockdown or no additional protection.

First question. If you turn off Lockdown Mode, does that fix the web sites?

If it does, then the most likely explanation is buggy website security, most likely involving CORS. This is assuming that you are using Safari, of course. If you are using Chrome or one of those other "secure" browsers, you should probably just go ahead and turn off Lockdown Mode as there would be no point to it.

Not having Lockdown Mode enabled is certainly not "no protection".

What choices are you looking for?

If it is now standard procedure to block all incoming connections and stealth mode is standard, I guess I'm okay but it seems uncomfortably and unlikely limited choices.

Whose "standard procedure" might that be anyway?

Whickwithy wrote:

No, I use Safari. And, yes, you are right. It only affects a small subset of sites to a slight extent. I have not run into any completely unusable sites, yet.

I'm not sure what you are responding to. If you see the same behaviour regardless of the Lockdown Mode setting, then Lockdown has nothing to do with the problem. Considering what Lockdown does, it probably has no effect on web browsing at all. Most likely, what you are seeing is simply buggy and incompatible web sites that aren't working properly with the latest version of Safari in Ventura. This happens every year.

I guess, if it is better protection than previously, I should be happy?

It is mainly a prophylactic, much like the application firewall. There is a huge "security" industry and Apple is enemy #1, not malware and not hackers. Why is that? Because malware and hackers are good for 3rd party security business. But Apple is very bad for this business. Ergo, Apple is the one that needs to be taken down, not the hackers.

For people who do pay attention to the social media propaganda, Lockdown Mode is just something they can do. It probably isn't going to impact their use of the device, one way or another. But clicking a switch is much better than installing some 3rd party security product that is only going to slow down your computer, cause it to crash, and actually reduce your security.

You're saying that firewalls don't do anything?

Nope.

If you don't have any sharing services enabled, then there is nothing to firewall in the first place. And if you did have any sharing services, the default behaviour of the firewall is to allow all connection. And if you changed that so that the firewall actually did block a connection, then your sharing service wouldn't work. Catch-22.

Even the "stealth mode" doesn't do anything. Pretty much anyone on a Mac does not connect to the internet directly. They only connect through a gateway like a WiFi network. It is your WiFi device that might need a firewall, not your Mac.

So, firewalls were never required? They were just a joke that the industry played on its users? Interesting.

What do you mean by "users"? Someone who runs a server that is directly connected to the internet might need a firewall. They might want their server to provide sharing services to local users of the same WiFi network, but deny access to hackers on the internet. This is what a firewall does. But the application firewall built into macOS doesn't allow this kind of fine-grained control at all. This fact, along with the others I mentioned above, makes it simply useless.

But if you don't believe me and "just want to be safe", then, by all means, it is much better to turn on the application firewall than try to configure the real firewall, or install some 3rd party scam ware. So in a sense, it is the same as Lockdown Mode. 😄

It might help if you were to explain what you think the macOS firewall is supposed to do, because most of the time, people assume it's doing something it simply doesn't do. They can't really be blamed for that because the terminology itself is poorly chosen. There is no fire and there is no wall.

Fine, let's assume those terms are supposed to be metaphorical. Ok then, identify the "fire" and show me the "wall". Any technically accurate answer will expose the truth, and the myth falls apart. Like saying Rumpelstiltskin's name out loud. Poof and it's gone.

I performed an admittedly cursory search for that answer, and (surprise!) nearly all the alleged "Security Expert!" answers are misleading at best. Intentionally so, since they were without exception self-serving. Buried deep within them you may find a morsel of truth: if your network equipment is all behind a router that you own and control, and all the users of that network are people you know and trust well enough to give them your network password, then the macOS firewall serves literally no purpose. Enabling it will only result in your own inconvenience.

What's worse is it may result in a misguided sense of security, perhaps causing you to lower your effective defenses — those that actually serve a purpose.

The term "firewall" should be forever banished from the computing lexicon. We'd all be better off without it.

According to Apple’sDocumentation about Lockdown Mode:

• Web browsing - Certain complex web technologies are blocked, which might cause some websites to load more slowly or not operate correctly. In addition, web fonts might not be displayed, and images might be replaced with a missing image icon.

About Lockdown Mode - Apple Support

It is as if Apple has determined that its users are too witless to be given choices.

Apple has no choice but to adapt to the demographic they were instrumental in creating.