Four or five years ago I bought a Mac utility that is now indispensable. Or, totally superfluous.
Either way, I use it religiously because I’m almost as concerned about Mac apps that phone home as I am about potential intruders. Your Mac comes with a firewall to keep malicious intruders out. What about those apps and utilities (or, intruders) already on your Mac who phone home? How do you stop that communication?
Privacy Is A Two-Way Street
Here’s the deal. Intruders are trying to break into your Mac. It’s a fact of computing life in the 21st century. Fortunately, Apple makes it difficult for outsiders to connect to a Mac, and more difficult to get inside.
Apple is so confident of the Mac’s security that the built-in firewall is turned off by default.
That doesn’t stop intruders from trying. So, my practice has always been to turn on the firewall, adjust the stealth settings and sleep a bit better at night.
What about Mac apps that communicate from your Mac? We all have them. Usually, they check for software updates. Sometimes they do more. That’s why one of the utility apps I install on every new Mac is Little Snitch. Think of Little Snitch as a reverse firewall. It stops apps already on your Mac from communicating from your Mac to wherever.
Phoning Home—From The Inside Out
Most Mac apps are not malicious. They do their job. Most Mac apps also phone home—checking for software updates, perhaps sharing information you don’t want to be shared.
What is surprising is how many Mac apps are communicating with a big brother somewhere. Wouldn’t it be nice to know which ones and why? That’s what Little Snitch does. Instead of preventing intruders from getting in to your Mac, it prevents apps from communicating to the outside world from your Mac.
Any time an app tries to establish an outgoing network connection—local network or internet—Little Snitch tells you with a pop up. You decide how you want to handle the attempt—allow or deny. Or, set a simple rule to handle future attempts to phone home.
Macs don’t have much in the way of publicly transmitted viruses, trojans, or other malware. Yet. One day there’ll be something, somewhere, that digs a whole into many Macs. Think of Little Snitch as an inside cop checking the credentials of apps that try to communicate with the outside world.
Little Snitch is almost self explanatory. The default settings after installation allow for email, web browsing, and other normal Mac apps that communicate both ways. Other apps on your Mac—even legitimate utilities—that phone home, get flagged and stopped—until you decide what to do.
The Little Snitch interface is straightforward. Mac apps are listed on the left. The basic default or assigned rules on the right. Which ports and protocols used by the app are also listed (that’s a little geeky, but easy to figure out).
Double click on a rule to make changes. Choices are straightforward, too. Deny and allow are easy, but more granular settings are available, including specific communication ports.
Little Snitch puts a visual cue in the Mac’s Menubar so you can monitor incoming and outgoing traffic.
Not only do we have to worry about who’s trying to break into our Macs, it’s apparent that some apps are trying to break out as well. Is that paranoia? Hey, if everyone’s out to get you, paranoia is the right attitude to have.
Little Snitch can stop legitimate apps from connecting to your Mac’s network to see if other apps use the same serial number; an added, albeit devious, feature.
What is surprising is how many Mac apps are trying to phone home—most with good reason, and usually just to check on recent updates. For others, I’m not so sure, so better safe than sorry.