Little Snitch 3 – Protect your privacy

&gt; Research Assistant<p>&gt; Have you ever wondered why a process you’ve never heard of before suddenly wants to connect to some server on the Internet? The Research Assistant helps you to find the answer. It only takes one click on the research button to anonymously request additional information for the current connection from the Research Assistant Database.<p>I&#x27;m so glad they built this feature.<p>The hardest part about using Little Snitch is trying to figure out whether processes that <i>look like</i> system or daemons are making legitimate connections.

Why are OSX applications in general so bad at telling website users which platforms they support? Like always, I have to keep digging around in the website, just to find out that it only runs on OSX...<p>Does anyone know a similar utility for Ubuntu&#x2F;Linux systems? Paid or free, doesn&#x27;t matter.

This is a prime example on how to make a landing page for a product. I understand what you are selling and why I would want it. The product looks great and I think I&#x27;ll try it out after work.

Excellent product, but needs some kind of rule sharing feature. There are <i>so many</i> network requests from different components that it can be overwhelming knowing what to allow.

I tried an earlier version of this and was a bit disappointed by the (apparent?) lack of information regarding these connections from applications, since there&#x27;s so much going on on OS X and it&#x27;s hard to tell what&#x27;s legitimate and what isn&#x27;t. It would be great if we could record traffic on a per-application&#x2F;process basis and display it comfortably, or even have some built-in heuristics to identify common tasks like &quot;Firefox update check&quot; or &quot;iCloud authentication&quot;.<p>It&#x27;s very similar to the venerable &quot;Spybot S&amp;D&quot; on Windows (the &quot;TeaTimer&quot; functionality, now apparently called &quot;Live Protection&quot;: <a href="https:&#x2F;&#x2F;www.safer-networking.org" rel="nofollow">https:&#x2F;&#x2F;www.safer-networking.org</a>).

I noticed no one mentioned <a href="https:&#x2F;&#x2F;www.tripmode.ch&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.tripmode.ch&#x2F;</a> I used to use Little Snitch before but it was to complex for what I wanted to do, allow disallow internet access to certain apps, tripmode does the trick in the simplest way I&#x27;ve even seen.

Please steal this idea and make a product; I&#x27;ll be your first paying customer:<p>Data Loss Protection (DLP) for retail consumers.<p>DLP (see <a href="http:&#x2F;&#x2F;whatis.techtarget.com&#x2F;definition&#x2F;data-loss-prevention-DLP" rel="nofollow">http:&#x2F;&#x2F;whatis.techtarget.com&#x2F;definition&#x2F;data-loss-prevention...</a> for a definition) goes beyond what Little Snitch does and does packet inspection to ensure that credit card numbers (for example) are never sent out from your network &#x2F; box. Ideally, you can add regular expressions to define other PII that shouldn&#x27;t be allowed to be sent out (your name, address, etc;).<p>DLP products exist for corporate use, but I don&#x27;t know of any lightweight + inexpensive one for personal use.<p>WireShark, Fiddler or Charles can incorporate this functionality, if I am not wrong. Not sure how one would MITM SSL with WireShark, though.

Not related in any way, Little Flocker[0] is a similar program but for file access. It&#x27;s a little rough around the edges but has been improving steadily.<p>[0]: <a href="https:&#x2F;&#x2F;www.littleflocker.com" rel="nofollow">https:&#x2F;&#x2F;www.littleflocker.com</a>

why was this posted today? I bought Little Snitch 3 in January 2013. I was thinking maybe this was a new major version but it&#x27;s not.

&gt; A firewall protects your computer against unwanted guests from the Internet. &gt; But who protects your private data from being sent out?<p>A firewall? No kidding, a firewall is not supposed to only block incoming traffic...

I’ve been using this happily for a long time. For those taken back by the endless prompts on the first run: that’s only for the start. Select “forever” for connections you trust and you’ll soon have much less prompts.<p>On a side note: the developers also have Micro Snitch, an app that warns when the camera or the microphone on your mac is in use.

Any similar software recommendations for Windows?

How does this work? Does it override the networking DLLs to proxy the socket creation calls?

Those of you who own Little Snitch...do you regularly block outgoing connections from applications you regularly use?

Little Snitch is at once both great and horrifying. If you watch the day to day stuff that happens on MacOS, you&#x27;ll see that Apple&#x27;s reputation for security and user privacy is a pretty low bar. Aside from the constantly pinging Apple defaults, so many third party apps are just all the time phoning home to corporate servers when they&#x27;re not even in use. Chrome can really just look for updates when I open it, not check in with Google about god knows what every thirty minutes.

Serious question: Can I use only profiles (e.g. no connection until VPN is connected) and the rest of the time Little Snitch should behave like it&#x27;s not installed? I&#x27;m not a big fan of watching every connection... have done this in the distant past with Zone Alarm and Windows and it was more bothering than anything else. I also doubt it increases my personal security a lot.... especially when I think about my normal Android phone which is sitting beside my PC.

First thing I install on any new system, couldn&#x27;t recommend it more!<p>And the ability to do per-application captures and open them in wireshark is excellent for debugging.

Something like this would be brilliant on Android. Anyone know anything related?<p>It&#x27;d be great if it was for non-root too, but I&#x27;m not sure if it&#x27;s possible.

Little Snitch is a fantastic way for people to shoot themselves in the foot.<p>Most people using it have no clue what they are doing, block random things, and prevent software from working as expected. Not only this can make things less secure by breaking features such as automatic updates, it also makes developer&#x27;s life miserable by having to provide support to people running their software in a half broken environment.

I wish something like this could run at the router level. I am certain my low-end IoT devices are sending out data I don&#x27;t know about.

Does Little Snitch catch process injections (ie: I am currently running in EvilMalware, I open up Chrome, create a new page, write my code into it and create a new thread in it), or is it vulnerable to the same problems of Windows firewall applications before LeakTest and the like. The good Windows firewalls now are able to catch this kind of thing.

Objective Development (the developers) are a nice company, also providing V-USB - a bitbanging USB implementation for AVR microcontrollers without USB support. <a href="https:&#x2F;&#x2F;www.obdev.at&#x2F;products&#x2F;vusb&#x2F;index.html" rel="nofollow">https:&#x2F;&#x2F;www.obdev.at&#x2F;products&#x2F;vusb&#x2F;index.html</a>

4-5 years ago when I last used a mac for work, there was a program that had an unlimited evaluation period and was just setup to nag on launch (like winzip). using little snitch just blocked the nag (literally the license did was remove the nag, so it didnt affect functionality). In the end, I wound up not using the program anyway - I really was just trying to evaluate it without the nag. For some reason sublime text comes to mind? I think I wound up just going back to vim<p>Installing little snitch, I got overwhelmed by how much stuff was trying to make calls in and out. It really does serve its purpose, but you also have to have an idea of what you should be letting out, you can easily break things and if you just &quot;allow all&quot; it somewhat ruins the point of having it.

Is there one absolutely similar to windows? Closest i found was GlassWire

I think these features should be included in every OS nowadays, like we have firewalls.<p>Anyway, I will probably buy this app, even if I share some concern others have about its own network calls.

Has anyone figured out how to stop Google&#x27;s autoupdate process (ksfetch) from tripping LS nonstop? It spawns multiple new temporary processes when checking for updates, and LS requires a path to a specific process file to block it. This has made LS unusable for me since uninstalling all Google products isn&#x27;t an option for me.

Little Snitch is great. You need to have a strong understanding of networking and the apps that you use, to use it successfully. It is great at opening your eyes to what apps are trying to connect where, and by catching a cap you can investigate what they are sending.

Long time LS user and love it - yes the constant notifications will tax your Qi but once you&#x27;ve set up the bulk of your rules it&#x27;ll give you a lot of peace of mind. Also grab Lingon X if you&#x27;re serious about control.

Is it open source? Couldn&#x27;t find anything on their site which is disappointing.

I&#x27;m currently using LS, but one of the problems I have is that it doesn&#x27;t support wildcard domain rules. This means ephemeral hosts quickly build up a large number of rules which soon become redundant.

One day consumer rights protection agencies are going to scrutinize what we are doing in the background just like they&#x27;re starting to do to ads.

If anyone is looking for a summer application that won&#x27;t inundate you with so much information, try radio silence

FWIW, I love Little Snitch and have used it for at least ten years.

Protect your privacy by running this proprietary application!

Little Snitch reminds me of Zone Alarm from back in the day.

There&#x27;s a great Defcon talk about someone breaking Little Snitch:<p><a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=sRcHt-sxcPI" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=sRcHt-sxcPI</a>

This seems like a joke given that it&#x27;s not open source.