Nevertheless, the reason the software firewall is off by default on a Mac is quite simple and understandable: you are 99.99 percent certain -- even at a public hotspot -- to be behind a hardware firewall, and having two firewalls can conflict.
All the "dangers" people imagine they can be exposed to using a public hotspot, like unencrypted data being intercepted, are not covered by or protected by the use of a software firewall. Firewalls are not magic cloaks of Internet invisibility (you're confusing firewalls with Macs there). They simply stop incoming traffic on selected ports by controlling what ports are open, thus preventing floods of useless data from tying up or disabling the Internet connection. That's pretty much it.
What does a firewall do? | Security News
To put this another way: your Mac almost certainly doesn't need the software firewall because your Mac is set to what PC people would call "stealth" mode by default. Feel free not to take my word for this, and test it yourself:
https://www.grc.com/x/ne.dll?rh1dkyd2
The software firewall is there for people who have a need for specific configurations and no access to a hardware firewall. If that's you, by all means utilize it. But today (as opposed to decades past), your chances of not being behind a hardware firewall on any and all Wi-Fi networks you might use are virtually nil. So "carryover advice" based on best practices of the late 1990s is about as useful as telling most of us how to configure a PPPoE connection; valuable at one point, nearly useless now.