Is Little Snitch worth it?

[Digital Skunk]

Gotcha! How does this work say I am on a public wifi say at a cafe? Like, what is a good practice? I had no idea that simply connecting to one was that dangerous... man, I am very behind.

I do not have a built in firewall... or are you referring to the Mac firewall under settings? Cause as far as I know, that is only one kind of connections, not the ones LS shows.

Correct, the Mac firewall under settings only monitors the connections coming in.

That's about 87% of the battle. Not having pirated software or Limewire and other bittorrents are about 10% of the battle. Those applications could be sketchy. They may not be, but you can never be sure.

LS will watch BOTH incoming and outgoing. But let's say you have trusted software. Those applications will send information out if you tell them and have protections in place if they happen to violate their privacy clauses. They also send data encrypted and have better systems in place to avoid piracy.

Adobe, for instance, was hacked, but not while sending and receiving data. They were breached on the system end, and encrypted user account information was stolen along with source code for Photoshop. There is nothing LS can do about that, and companies like Adobe, Apple, Google, Sony, etc. have more valuable information.

Sorry, I am a little long winded.

As for connecting to public WiFi, always ask the clerks what the network name and password are. Never assume, because anyone could walk into Pete's Coffee and make a network named "PeteGuestWiFi" with no password when the real network is "PeteFreeInternet," and has the business phone number as the password.

Here in Maryland, there's tons of "xfinitywifi" access points from Comcast, but some people connect to some sketchy XFINITY spots, which could be anyone. The best way to determine is to make sure you are asked to Log In. If not, run! Never have your iPhone or computer automatically connect to hotspots. My Android days were wrought with frantically disconnecting from random hotspots while driving through town.

Overall, connecting to a public spot isn't dangerous as long as you connect to the correct ones.

Sorry for the long post. And I'll remind you, Little Snitch is a well-made application and the best at monitoring connections, but if it's basic security you're looking for you may be a bit overwhelmed by it. There are a lot of connections going on under the hood.

 

[vaugha]

Hmmmm.... I see that High Sierra requires LS4. I purchased LS3 recently and I am expected to pay for an upgrade. I hate money grubbing devs so ObDev can bite my backside, they won't be getting any extra money from me. Anybody else thinking about a purchase should consider carefully, do you want to support a dodgy developer and possibly find yourself in the same boat as I?

In answer to the OP's thread title....'No'.

I used to use ls3 for 6 years since 2012 before uninstalling it recently. I loved it at first b/c it gave me total control of all the network connections from/to my mac but it got very annoying after having used it for years clicking yes, yes, and yes repeatedly. I used to be very paranoid at first like some of you are and clicked no to any domains that I didn't know.

But over time slowly over the years, those domains I denied gave me no access to sites that I needed to visit and the hassle I had to go through of going back to the config and reconfig them. Not to mention there are usually multiple entries for the same domains. Ugh...It was a lot of hassle just to see a single page. Sure I can prevent apps from phoning home and it was one of the rudimentary reasons why I bought it and I was in total love at first sight but now meh, I don't really care.

In my opinion (1) it just hinders the fluidity of the macos experience. It's definitely an acquired taste. The other concern I had was (2) its impact on battery life. As it is installed alongside kernel process, I was under the impression that it can negatively impact the battery performance. If anyone thinks and can prove me otherwise, please chime in.

Optimizing battery life is key priority over network control so I decided to permanently remove it. The other reason is (3) every time a new update is available, I am required to reboot the os for it to take effect and to be honest I didn't like it that I had to reboot my machine every time a new update is available. I would like to leave my machine on as long as I can and the only software update that I find satisfactory to do that is the macos itself and that's about it.

I know v4 is out but (4) I don't wanna be bound on a subscription model every several years. It is true that version increments are rare and v3 ran for 5 years but if you have a bunch of other paid software installed on your mac and pc that require you to pay every few years, the cost of software updates can be quite high and it can even happen every few months. If there was a lifetime license for all future updates, it would have been better but they need to make a living as well, so I understand that.

Also (5) I already have enough monthly subscriptions which we all do (internet, cellphones, mortgage, car maintenance, gas, family, etc etc) so I didn't wanna add anymore to that than I already did. Even buying electronics, iphones, macbooks, and upgrading pcs every few years is in a way a subscription model that I find absolutely necessary and there is no way around it. If I can bypass it, I try and frankly I can live w/o ls.

 

[CloudSynced]

It looks interesting, but it's priced a bit high to only cover your one Mac.

I run Untangle NG Firewall Complete with a home license for $50 a year on my own hardware. It'll work decently out of the box but needs an IT/Network person to really set it up right. I have complete control of my network down to the smallest granularity, if needed. UI is great and it's ran on top of Linux so it'll run on any old hardware with at least 2 NICs.

 

[Skoal]

Thank you guys. I am gonna try to learn more about LS. I kinda want to start over though, since I researched a bit more about it. Final question - for processes you "trust" forever, do you allow on the port/site or any connection?

You can set LS when you first install it to allow all connections rather than manually prompt you for what to do about each one(which will drive a person crazy). Use your computer as normal and you will start to learn and search for connections that are desired and one that are not. Then you can go in and deny the ones you don’t want or need.

That’s the best way for someone new to use LS. The developers actually recommend this

 

[Skoal]

Hmmmm.... I see that High Sierra requires LS4. I purchased LS3 recently and I am expected to pay for an upgrade. I hate money grubbing devs so ObDev can bite my backside, they won't be getting any extra money from me. Anybody else thinking about a purchase should consider carefully, do you want to support a dodgy developer and possibly find yourself in the same boat as I?

In answer to the OP's thread title....'No'.

So wanting to earn a living equals “dodgy developer” nowadays? Why do people feel they’re entitled to free updates for life even though new hardware and OS’ are constantly changing. Boggles my mind.

 

[Skoal]

J

 

[Skoal]

I'll respectfully offer a chill pill solution, as an owner of LS 3. I purchased multiple licenses of LS 2, no long before LS 3 was issued. The dev offered recent LS 2 purchasers a free upgrade a couple of weeks after the LS 3 app hit the interwebs. The dev is and has been very responsive to their buyers for several years now - don't judge just yet and drop them a message, they've without fail always returned my messages…

I received S/Ns for LS 3 from them within a few days of my inquiry. No issues since.

Exactly. Sadly people would rather jump the gun and just notch online like a dev is satan because it’s easier than simply contacting the developer.

 

[steve62388]

So wanting to earn a living equals “dodgy developer” nowadays? Why do people feel they’re entitled to free updates for life even though new hardware and OS’ are constantly changing. Boggles my mind.

Well done for resurrecting a post that is over a year old. /s

Don’t create a straw man argument about wanting free upgrades for life when I said absolutely nothing of the sort, it’s lame. At the time I had recently purchased LS3 unknowing that it was at the end of it’s life cycle. LS3 was rendered unusable with High Sierra. I reached out to the developer to request a free upgrade exception to LS4 and they declined. So yeah, ‘money grubbing dev’. They lost my custom and I would wager a few more based on people reading this thread, so also a stupid developer with no concept of customer service.

I never purchased an upgrade and removed LS from my system. I now realise that Little Snitch is a waste of time and can be a huge hassle.

 

[KidPub]

Since this thread sprang back to life...

My use case for Little Snitch is managing network connections when I am away from my home network. I use a VPN when connecting to untrusted networks (anything other than home or office). The problem is that once you've authenticated to, say, a wireless network at Starbucks, network traffic immediately starts flowing, potentially exposing data from apps that are set to automatically sync / download with remote servers. I start the VPN once I've connected to the untrusted network, but in the brief time between connecting and establishing the VPN quite a bit of data is going back and forth.

I have LS set to block everything on an untrusted network except for TCP port 80 (in case the guest network uses a web page to authenticate). Once a VPN connection is established, full network access is allowed. Since the rules to do this are non-app-specific I don't have to really worry about setting up a bunch of rules...one or two does the trick.

 

[mpainesyd]

Little Snitch is worth it just for the Network Monitor which shows a map of the world and the countries that your computer’s software is talking to. Fascinating, if not frightening!

 

[Nuri Naki]

One of the best security software out there, total control of incoming and outgoing traffic, you can also record the traffic of specific app if you not trust one specific app. It detects also apps that are affected by any kind of virus and block them automatically until you give permission to do so.

 

[snowyjoey]

Interesting thread, so interesting I decided to revive it in case anyone knowledgable is still subscribed!!

I have used LS for many years too. I wouldn't be without it, although I would happily move to any other similar software. I have no devotion to LS itself, but I do have a strong desire to limit/manage connections. I have a question on that very topic.... Protecting myself from APPLE connections.

LS often warns not to do it, yet investigation into the process often reveals it's completely useless for me so I should be safe to block those connections. Photo analysis, icloud, iMessage, all sorts of stuff I don't use. I have recently reinstalled my system from scratch, and manually migrated data in, just to have a good clean up and not bring any remnants of old programs etc. But my machine is really slow, and I am wondering whether blocking some Apple connections would cause MacOS to slow down, does anyone know?

I use NO Apple services whatsoever, except the hardware and OS of course. I dont use icloud, Maps, photo sharing, syncing, nothing like that. Does anyone know how to kill all these processes which whore my CPU doing things I neither need, nor want?!
Thanks

 

[portland-dude]

Deny all be default. See what breaks. Slowly reopen connections until you have what you need open and no more. Simple yet time consuming.

 

[snowyjoey]

Thanks, but it's not that simple. Most of the processes I want to deny LS won't allow, or warns strongly against. The warns I can deal with (ignore) but some are simply unavoidable. I did find the script on guthub (https://gist.github.com/pwnsdx/1217727ca57de2dd2a372afdd7a0fc21) which looks fantastic, just what I need, but I am not sure how to run it (never used github and no idea how to!)
thanks again for the reply

 

[Rigby]

I have used LS for many years too. I wouldn't be without it, although I would happily move to any other similar software. I have no devotion to LS itself, but I do have a strong desire to limit/manage connections. I have a question on that very topic.... Protecting myself from APPLE connections.

My take on this would be: if you don't trust Apple, don't use MacOS. They could easily spy on you if they wanted to, and a software firewall could not prevent that. If that concerns you, you should consider switching to Linux.

But my machine is really slow, and I am wondering whether blocking some Apple connections would cause MacOS to slow down, does anyone know?

Absolutely. We had a good example just a few months ago when one of their certificate servers failed and application startup slowed to a crawl because Gatekeeper was trying to check online whether the certificates were still valid. Blocking the connection locally would have a similar effect. Other system components may go into retry loops if you try to block them.

I use NO Apple services whatsoever, except the hardware and OS of course. I dont use icloud, Maps, photo sharing, syncing, nothing like that. Does anyone know how to kill all these processes which whore my CPU doing things I neither need, nor want?!

I use some (not all) of the iCloud services, and their resource usage in terms of CPU and memory is minimal. If you don't use iCloud at all, don't sign in. I can't imagine that the services use significant resources in this state.

 

[piattj]

Tried LS and LuLu. Prefer LuLu. Simpler and as effective...

 

[snowyjoey]

My take on this would be: if you don't trust Apple, don't use MacOS. They could easily spy on you if they wanted to, and a software firewall could not prevent that. If that concerns you, you should consider switching to Linux.


Absolutely. We had a good example just a few months ago when one of their certificate servers failed and application startup slowed to a crawl because Gatekeeper was trying to check online whether the certificates were still valid. Blocking the connection locally would have a similar effect. Other system components may go into retry loops if you try to block them.


I use some (not all) of the iCloud services, and their resource usage in terms of CPU and memory is minimal. If you don't use iCloud at all, don't sign in. I can't imagine that the services use significant resources in this state.

Thanks very much. I wish it were as simple as that. I do not trust Apple. But I can't just dive over to Linux. I do a huge amount on computers all day every day, 7 days a week. Half is business and half personal. I am going to try to move personal stuff to a Linux machine soon, but the business stuff can't as I need certain Mac apps which aren't available on Linux.

I am not signed into icloud but I still see a TON of processes doing things I don't want. PhotoLibraryD, and a whole host of other ones, sometimes taking up most of the CPU doing things I don't use, need, or want.

Tried LS and LuLu. Prefer LuLu. Simpler and as effective...

Never heard of Lulu. I might take a look thanks

 

[piattj]

Thanks very much. I wish it were as simple as that. I do not trust Apple. But I can't just dive over to Linux. I do a huge amount on computers all day every day, 7 days a week. Half is business and half personal. I am going to try to move personal stuff to a Linux machine soon, but the business stuff can't as I need certain Mac apps which aren't available on Linux.

I am not signed into icloud but I still see a TON of processes doing things I don't want. PhotoLibraryD, and a whole host of other ones, sometimes taking up most of the CPU doing things I don't use, need, or want.


Never heard of Lulu. I might take a look thanks

LuLu is open source, at https://www.objective-see.com/products/lulu.html On GitHub at https://github.com/objective-see/LuLu ...

 

[snowyjoey]

Thanks. It looks very good, at least until I read that they recommend users install BigSur. Anyone recommending that fails my sniff test, but I understand why they do it. I remember when Apple was a great alternative to the invasive Windows. I see less and less difference as time goes on these days.

 

[piattj]

Thanks. It looks very good, at least until I read that they recommend users install BigSur. Anyone recommending that fails my sniff test, but I understand why they do it. I remember when Apple was a great alternative to the invasive Windows. I see less and less difference as time goes on these days.

Standard app advice?

 

[piattj]

Thanks. It looks very good, at least until I read that they recommend users install BigSur. Anyone recommending that fails my sniff test, but I understand why they do it. I remember when Apple was a great alternative to the invasive Windows. I see less and less difference as time goes on these days.

Not really the fault of LuLu... if you're a mac user, LuLu is a good choice.

 

[snowyjoey]

Yes it certainly looks good, just not sure if it works on older OS's, I will find out when my LS subscription ends! thanks

 

[samotivad]

Little Snitch is great. First thing I like is you can download ad block lists and because your browser no longer has an Adblock extension, most websites can't tell that you're blocking their ads.

Second useful thing is more for privacy advocates. If you like to isolate Google and Facebook to their own browsers to prevent them tracking you, Little Snitch is useful. For example I block Safari and Firefox from being able to access Facebook, Amazon and some Google domains. That way I am forced to use a separate browser and therefore don't give away my browser fingerprint to these companies that I consider invasive. It also prevents their scripts loading on external websites (the Facebook like button telling Facebook you visited certain pages etc).

Third thing is that if you download small applications provided for free on non trusted sources, you know that Little Snitch can block all incoming and outgoing connections to the application until you've inspected it.

Microsnitch is pretty nice too, it tells you whenever your microphone / camera is turned on or off.

 

[Apple_Robert]

I like Little Snitch and the price is very reasonable, in my opinion.

 

[SaSaSushi]

Little Snitch is great. First thing I like is you can download ad block lists and because your browser no longer has an Adblock extension, most websites can't tell that you're blocking their ads.

Thank you so much for this! I've been a satisfied Little Snitch user for years and wasn't even taking advantage of this.

I've subscribed to this ad block list. Are there any others you recommend?