you don't regard the NTP service running as root to be a threat? it's been the target of plenty of successful remote overflow exploits that can lead to the execution of arbitrary code. running it as root is ridiculous...

google ntp+exploit and you'll find plenty out there that might suggest you'd want this process running as something less dangerous.

I get the impression that the guy who wrote the original firewall review article was intentionally looking for a way to make the firewall look bad. I'm pretty OS agnostic, and am convinced that you can have a decent on-host firewall for any OS, and that you can also misconfigure it to offer little protection. Following are my test results, performed using nmap on the same LAN as a Macbook running OS X 10.5. The Macbook had no sharing of any kind enabled, but was using many SMB shares and other network applications.

http://padilla.net/osx-10.5_firewall_test

curious how the report gets reported on by yahoo news via eweek: 

http://news.yahoo.com/s/zd/20071030/tc_zd/218378;_ylt=AmPNn9HdEdO83HSRvf8fkbFX.3QA

I quote "Upgrading to the latest version of Apple's operating system, might make a Mac less secure, say experts."

they say experts but only quote one source.