As for personal firewalls, outbound blocking allows you to stop trojans from calling home- so it’s useful even if it’s not on by default on the Mac and you can’t do it in Windows without 3rd party software.

Firewalls are useful in stoping target of opportunity attacks. Limiting what devices can access an open port is good for reducing vulnerability. Especially for new vulnerabilities in nework services for which there isn’t yet a patch.

Firewalls stop real attacks all the time, so I’m not sure why the folks enabling v6 devices haven’t started to work out the issues and build in some protection.

If you don’t have a real trusted and validated computing base, then you’re pretty much stuck with arbitrating access as a security mechanism. What’s the alternative?

Paul