One day I was working on a report on my laptop. Across the room I could see the wireless router and all sorts of activity (little green lights made blink blink). Normally, that wouldn’t bother me except I was NOT browsing at the time and my email application (Apple’s Mail.app) wasn’t even open.
Who was using my Internet connection? It wasn’t me (at least, that’s what I thought at the time). Was it a neighbor connecting to my Airport link? Nope. I had password security in place to prevent that.
What was using the Airport Internet connection?
It turns out that it was, sorry to say, me. Except I wasn’t doing anything at the time.
With some investigation I found out that about half a dozen applications that I use regularly were “phone home” apps; from time to time they’d start an executable (curl or something else that resides quietly in Mac’s unix underpinnings), connect to the Internet and send/receive information.
Yikes. I didn’t authorize that, for sure.
A little digging around in the Activities Monitor pointed out a number of little applications and some that could be identified by name.
A little more digging around at VersionTracker and I found a neat application that “snitches” on the applications that phone home.
It’s called Little Snitch from Objective Development.
What Little Snitch does is, well, uh, it’s a snitch for applications that use the Internet to send or receive information without you knowing about it.
Wait, you say; doesn’t your built in Mac OS X firewall protect you against such dastardly deeds? Yes and no.
Yes, it protects quite well against “incoming” attempts to connect to your Mac.
No, there’s no protection whatsoever against “outgoing” attempts to connect your Mac to the Internet or another computer.
Little Snitch changes that.
Objective Development’s web site explains that Little Snitch is an “application supervisor”:
You start an application that tells you that a new version is available. You suddenly realize that with every start this application connects to the developer’s server. Even statistics information about your computer may be sent this way. Little Snitch helps you avoid this situation.
Trojan horses – i.e. programs transmitting unconsciously data stored on your computer – can be detected by Little Snitch and prevented on the transmission of data.
On a more general basis, network connections to certain servers can be denied.
Installation was a breeze for the $24.95 application. Little Snitch installs as a System Preference with some standard settings to allow for outgoing email and browser requests, and a few others the system needs to connect appropriately to the Internet.
After that, everytime an application tries to connect, Little Snitch stops it in its tracks, pops up a warning that tells you what’s about to happen, and gives you options to allow, deny, deny forever, allow just this once, and so on.
Is that worth $24.95?
Yes, or much more depending on what applications are on your Mac and what they’re doing. I found a dozen apps that phone home; some were simple checks to see if there’s an update to the application. Other attempts were to a central server to let someone (publisher? developer?) know that I’m using their application.
I paid for it. I use. I do NOT want anyone to know. Little Snitch prevents that.
I like Little Snitch.