Of course, a firewall is built in to macOS Sierra to prevent hackers and others from getting into your Mac to wreak havoc and mayhem, but what about the apps that are already on your Mac? What are they doing? Do they ‘phone home?‘ and send data to developers in Russia, China, or Silicon Valley? If so, which ones? What are they trying to do when they connect to the internet without your knowledge? Can you stop them?
Reverse The Firewall
The firewall on your Mac “is a network security system that controls incoming and outgoing network based on a rule set.” That’s a nice way of saying a firewall can be complicated to setup and manage. Since it’s turned off in macOS by default, what’s to prevent apps already on your Mac from phoning home and sending out personal data?
This cleverly designed little app acts like an automatic, robotic, behind-the-scenes reverse firewall which protects you from apps already on your Mac that want to connect to outside servers without your knowledge. Every time any Mac app tries to make a connection through the network, Little Snitch stops it.
Wait. Won’t that stop everything from connecting? What about Mail, Safari, iCloud, iTunes, and all those apps that need to connect? Little Snitch is smart enough to know which ones are which and allows those apps that are known and trusted to connect automatically (but you can control which ones can use the network and which ones cannot and how).
Here’s a good example. What if iTunes wants to connect to Apple to check on something. This is what happens.
Apple’s Mac Maps app needs to connect to Apple’s servers to display, well, the maps. Little Snitch can stop it and display a pop up option with controls like the example above– Deny, Allow, or Allow Forever, or Deny Forever. That kind of thing.
Wait. Won’t Mac users be flooded with all kinds of pop up warnings? Yes. And no. Little Snitch knows which apps are good and which need to be flagged for your attention. Either way, you have granular control over which apps on your Mac are allowed to ‘phone home‘ and make a network connection.
You’d be surprised at the number of apps that are making such connections without your knowledge, but if you don’t want to get interrupted by popup notifications the Silent Mode can cancel all warnings for a period of time. The built-in Research Assistant helps you check on obscure processes to see which app is calling where (using the Research Assistant Database).
The latest Little Snitch version also has an incoming firewall to provide your Mac with an additional layer of protection for incoming connections. For the Mac geek in you there are rules and filters and ruleset analyzers and even domain based rules to configure Little Snitch down to the nth degree, but most of us won’t need to get that granular or obsessive compulsive with what the app does best– notify you when an app is phoning home.
Little Snitch has a built-in Network Monitor utility which tracks network access to and from your Mac. You’ll see at an instant which apps are using the network, including OS X utilities, and how much bandwidth is being used.
The Network Monitor window displays traffic separately for each processor, port, and protocol, plus total amounts, peaks and averages. You can zoom down to a minute if you want, and filter out background processes that are less important..
If you’re a bit paranoid about who or what is trying desperately to get into your Mac you may want to be a little paranoid about apps on your Mac that are desperately trying to make an outside connection for who knows what.
For my Mac, I turn on the macOS High Sierra firewall (System Preferences, Security & Privacy, Firewall), and add Little Snitch. You’ll be surprised at which apps are phoning home, but now you can control which ones connect and which simply sit idly by.