An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Page 2 of 2 1 2
Re: Little Snitch
artie505 #45432 06/28/17 02:55 PM
Joined: Aug 2009
Likes: 16
Moderator
Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: artie505
Great post, thanks, but you didn't mention that Little Snitch also monitors calls out by Apple and 3rd party apps and system processes, not to mention the nasty stuff that inspired both it and SIP.

You're right I probably should have mentioned that Lil Snitch monitors all outgoing traffic. I focused on cookies et al. as the traffic users are most likely to block. SIP prevents external products from modifying system files. In fact if one is changed or deleted, SIP replaces the changed or deleted file with an image of the original file. I am unclear on how that would relate to what Lil Snitch does confused

Originally Posted By: artie505
Thinking about it, does SIP negate the necessity for LS and the other "paranoiaware" out there, or are there still unprotected areas of vulnerability?
  1. Security is multi-faceted and there is no single solution that covers them all.
    1. SIP protects system files from modification by malware (and as an added bonus from ill-advised user actions)
    2. Lil Snitch monitors and can prevent applications, cookies, and (lest we forget) even system files from "phoning home" with information about the user and her/his identity and/or browsing habits.
  2. Unquestionably there are still vulnerabilities that can be exploited. Any protection created by the human mind can be defeated by the human mind.
  3. Security is not a war that can ultimately be won. As with all crime it is a running battle with constantly evolving tools and tactics on both sides.
  4. Absolute security is a myth
  5. Security demands…
    1. Constant vigilance
    2. Keeping systems and software scrupulously up to date
    3. Constant vigilance
    4. Continual re-evaluation of your protections and what is or is not working
    5. Constant vigilance
    6. Strking a balance between security and usability
    7. Constant vigilance
Do you detect a pattern? smile


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: Little Snitch
artie505 #45436 06/28/17 03:28 PM
Joined: Sep 2009
Likes: 3
OP Offline

Joined: Sep 2009
Likes: 3
I plan on calling AppleCare after I get my wireless headset so I can be hand free when I talk to them. I can show them some stuff in my mail that doesn't look right anyway. It's great that they can share the screen. It saves a lot of explanation and misunderstandings.

Luckily, the inbox messages that disappeared when I deleted that one message in the trash folder were still on the Yahoo server and I retrieved them and put them in a different folder.

I will be able to show them in real time how I trash an item and it never ends up in the trash. I know they will want to see my prefs, but they will that I have it set up correctly unless there is s something I am just to seeing. Time will tell.



Originally Posted By: artie505
Originally Posted By: plantsower
OK. My mail is definitely acting wonky. All of a sudden I had something in my trash which I never put there. I knew b/c I had a number above my mail icon. I checked and it was definitely trash. I emptied it and it also emptied my inbox which had all my fine tuned Mac stuff which I hadn't responded to yet! Damn it! AppleCare will be getting a call soon but sometimes they just don't know what to do. mad

Uhhh... Like WOW! crazy

That makes absolutely no sense to me. Are you running any Mail plugins or anything else that affects Mail's behavior?

You're going to have an awful hard time explaining your problems to AppleCare without showing them hard evidence, so if the same thing happens again, call before you do anything else.


MacBook Pro - M2, Ventura 13.6
Safari Tech Prev 17.0
Safari 16.6
Firefox 116.0.2
iPhone 7 Version 15.8




Re: Little Snitch
Virtual1 #45438 06/28/17 03:30 PM
Joined: Sep 2009
Likes: 3
OP Offline

Joined: Sep 2009
Likes: 3
I'm sorry you are having that problem, but then again, I know now that it's not just me. I've been looking for an alternative mail program without much luck. I want it to be free and very easy to use.

I tried Thunderbird and didn't care for it. I tried Opera yesterday and things weren't working there either.

Originally Posted By: Virtual1
Originally Posted By: artie505
Originally Posted By: plantsower
OK. My mail is definitely acting wonky. All of a sudden I had something in my trash which I never put there. I knew b/c I had a number above my mail icon. I checked and it was definitely trash. I emptied it and it also emptied my inbox which had all my fine tuned Mac stuff which I hadn't responded to yet! Damn it! AppleCare will be getting a call soon but sometimes they just don't know what to do. mad

Uhhh... Like WOW! crazy

That makes absolutely no sense to me. Are you running any Mail plugins or anything else that affects Mail's behavior?

My Mail.app seems to have become unreliable also. Just last night I moved a message from my inbox to a folder. It did not appear in the folder, and most definitely left the inbox. Search could no longer find it. Fortunately it was easily resent. Never did find the original. I've experienced other weirdness also, I was trying to move an item and the highlight on the folder was not appearing. Relaunch of Mail seems to restore normal behavior. I relaunch mail a lot lately it seems...


MacBook Pro - M2, Ventura 13.6
Safari Tech Prev 17.0
Safari 16.6
Firefox 116.0.2
iPhone 7 Version 15.8




Re: Little Snitch
plantsower #45449 06/28/17 11:10 PM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
Originally Posted By: plantsower
I have been thinking about adding Little Snitch to my extensions. When reading the reviews, it is referred to as a firewall. I don't know if Adware or any other ad- stopping extension is considered a firewall but.......way back my ISP guy (small company) said that my modem or was it my router - had a firewall built in and if I put up the firewall in my Mac they could conflict. So, I never did that.

I am wondering if Little Snitch (if it is a firewall)I would conflict with the firewall in my modem more router? He also calls the modem a radio.


Okay, from the top:

A firewall is a program or a piece of hardware that stops programs or computers on the Internet from connecting to your computer.

Your ISP guy is correct. Every modern router and cable modem/router combo has a built-in firewall, called a "NAT firewall." This is an extremely robust firewall that, for the most part, makes software firewalls like the one built into macOS redundant. And indeed, multiple firewalls can conflict, if you want another computer to connect to you. You must configure both firewalls to permit this.

When do you want another computer to connect to you? Any time you want someone to be able to reach you over the Internet. Why might you want that? Because you're hosting a game, because you're running a file server so that you can access your files at home when you are on the road, because you want to be able to use Find My Mac or Back To My Mac, because you want to be able to control your computer when you're on the road, and so on.

Little Snitch is not a firewall. Little Snitch stops programs on your computer from talking to the Internet.

Examples of programs on your computer that talk to the Internet include:

Your email program.
Your Web browser.
Apple Software Update.
Video games.
FTP programs.
Skype.
Messenger.
Chat software.
Any program that uses an automatic updater.
Adobe software (Photoshop, Lightroom, Indesign, and so on).

Basically, most modern programs talk to the Internet. Little Snitch blocks them unless you allow then to connect.

Little Snitch won't conflict with firewalls, because they do different things.

Also, your router is indeed a radio. When you connect by WiFi, your computer is talking to your router with radio waves.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Little Snitch
tacit #45450 06/29/17 12:23 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Great explanation, tacit!

But, like joemike, you didn't mention the myriad OS X/macOS processes that - literally - inundate you with Little Snitch pop-ups. I invariably allow them forever with the exception of anything that sounds like it deals with location, which I invariably deny forever (even with Location Services turned off). (As per LS's devs, v 4 will have an option to allow system calls by default.)

The only calls out that concern me are those from
  • Safari
  • Mail, and
  • malware,
the latter having been my impetus to install LS in the first place, but hasn't the risk of malware declined significantly, if it hasn't disappeared altogether, since the advent of SIP?

And as for Safari, I haven't seen many LS pop-ups at all since I established blanket "allow" rules for ports 80 and 443.

Which leaves Mail, which has never been a malware conduit on the Mac platform, but which pops up endless requests to connect to images.

Bottom line is that unless there are avenues that malware can exploit in the presence of SIP, it seems to me like Little Snitch has had its day...that it lives on only because of paranoia.

It may include functionality that's useful, if not necessary, on the enterprise level, but for those of us here...it looks dead to me.

(OK, yes, there are people who d/l stuff from spurious sources who should run LS, but that's not paranoia, it's reality.)

And YES! I just turned LS off; it'll be nice to work without having to deal with endless "boy who cried wolf" pop-ups. smile laugh cool


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Little Snitch
tacit #45452 06/29/17 12:54 AM
Joined: Sep 2009
Likes: 3
OP Offline

Joined: Sep 2009
Likes: 3
Thank you. You're a good teacher.


Originally Posted By: tacit
Originally Posted By: plantsower
I have been thinking about adding Little Snitch to my extensions. When reading the reviews, it is referred to as a firewall. I don't know if Adware or any other ad- stopping extension is considered a firewall but.......way back my ISP guy (small company) said that my modem or was it my router - had a firewall built in and if I put up the firewall in my Mac they could conflict. So, I never did that.

I am wondering if Little Snitch (if it is a firewall)I would conflict with the firewall in my modem more router? He also calls the modem a radio.


Okay, from the top:

A firewall is a program or a piece of hardware that stops programs or computers on the Internet from connecting to your computer.

Your ISP guy is correct. Every modern router and cable modem/router combo has a built-in firewall, called a "NAT firewall." This is an extremely robust firewall that, for the most part, makes software firewalls like the one built into macOS redundant. And indeed, multiple firewalls can conflict, if you want another computer to connect to you. You must configure both firewalls to permit this.

When do you want another computer to connect to you? Any time you want someone to be able to reach you over the Internet. Why might you want that? Because you're hosting a game, because you're running a file server so that you can access your files at home when you are on the road, because you want to be able to use Find My Mac or Back To My Mac, because you want to be able to control your computer when you're on the road, and so on.

Little Snitch is not a firewall. Little Snitch stops programs on your computer from talking to the Internet.

Examples of programs on your computer that talk to the Internet include:

Your email program.
Your Web browser.
Apple Software Update.
Video games.
FTP programs.
Skype.
Messenger.
Chat software.
Any program that uses an automatic updater.
Adobe software (Photoshop, Lightroom, Indesign, and so on).

Basically, most modern programs talk to the Internet. Little Snitch blocks them unless you allow then to connect.

Little Snitch won't conflict with firewalls, because they do different things.

Also, your router is indeed a radio. When you connect by WiFi, your computer is talking to your router with radio waves.


MacBook Pro - M2, Ventura 13.6
Safari Tech Prev 17.0
Safari 16.6
Firefox 116.0.2
iPhone 7 Version 15.8




Re: Little Snitch
joemikeb #45454 06/29/17 06:38 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: joemikeb
Originally Posted By: artie505
Great post, thanks, but you didn't mention that Little Snitch also monitors calls out by Apple and 3rd party apps and system processes, not to mention the nasty stuff that inspired both it and SIP.

You're right I probably should have mentioned that Lil Snitch monitors all outgoing traffic. I focused on cookies et al. as the traffic users are most likely to block. SIP prevents external products from modifying system files. In fact if one is changed or deleted, SIP replaces the changed or deleted file with an image of the original file. I am unclear on how that would relate to what Lil Snitch does confused

Little Snitch's most important function, to my mind, at least, was alerting users to outgoing calls from malware placed by bad guys in areas that can no longer be accessed because of SIP.

Originally Posted By: joemikeb
Originally Posted By: artie505
Thinking about it, does SIP negate the necessity for LS and the other "paranoiaware" out there, or are there still unprotected areas of vulnerability?
  1. Security is multi-faceted and there is no single solution that covers them all.
    1. SIP protects system files from modification by malware (and as an added bonus from ill-advised user actions)
    2. Lil Snitch monitors and can prevent applications, cookies, and (lest we forget) even system files from "phoning home" with information about the user and her/his identity and/or browsing habits.
  2. Unquestionably there are still vulnerabilities that can be exploited. Any protection created by the human mind can be defeated by the human mind.
  3. Security is not a war that can ultimately be won. As with all crime it is a running battle with constantly evolving tools and tactics on both sides.
  4. Absolute security is a myth
  5. Security demands…
    1. Constant vigilance
    2. Keeping systems and software scrupulously up to date
    3. Constant vigilance
    4. Continual re-evaluation of your protections and what is or is not working
    5. Constant vigilance
    6. Strking a balance between security and usability
    7. Constant vigilance
Do you detect a pattern? smile

Of course, but I was really asking whether, SIP notwithstanding, there are still areas of OS X/macOS in which bad guys can place the sort of malware we've seen over the years...the sort of malware that LS can intercede against?

I don't recall a single such threat having arisen since SIP was instituted.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Little Snitch
artie505 #45462 06/29/17 03:38 PM
Joined: Sep 2009
Likes: 3
OP Offline

Joined: Sep 2009
Likes: 3
When was SIP instituted? Because a couple of years ago on my mid-1012 MBP I downloaded an open source office suite. I can't remember now whose it was. After that my Mac went to a slow crawl. I still had AppleCare at the time and was told to download Malwarebytes. It found it immediately and tossed it. Whew! Everything sped up. It hasn't found anything since then, though. They supposedly keep it updated, but I am sure they don't have all the malware in their bag of tricks.


Of course, but I was really asking whether, SIP notwithstanding, there are still areas of OS X/macOS in which bad guys can place the sort of malware we've seen over the years...the sort of malware that LS can intercede against?

I don't recall a single such threat having arisen since SIP was instituted. [/quote]


MacBook Pro - M2, Ventura 13.6
Safari Tech Prev 17.0
Safari 16.6
Firefox 116.0.2
iPhone 7 Version 15.8




Re: Little Snitch
artie505 #45464 06/29/17 05:09 PM
Joined: Aug 2009
Likes: 16
Moderator
Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: artie505
Of course, but I was really asking whether, SIP notwithstanding, there are still areas of OS X/macOS in which bad guys can place the sort of malware we've seen over the years...the sort of malware that LS can intercede against?

I don't recall a single such threat having arisen since SIP was instituted.

I reiterate: Anything the human mind can create the human mind can defeat — eventually. SIP is an excellent safeguard and as you point out is working very well but it is no panacea. All it takes is one malware developer discovering a hitherto unknown or unexpected vulnerability and as Sherlock Holmes would say, "The game is afoot".

For the average user the biggest security venerability is their own ignorance of the threats. For the more technically aware it is complacence. With that in mind each person must strike their own balance among the competing elements of security, convenience, and usability. I am trying to encourage you to avoid the trap of complacency.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: Little Snitch
joemikeb #45470 06/30/17 06:33 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: joemikeb
I am trying to encourage you to avoid the trap of complacency.

That's far from the first time you've made that point, and I always appreciate it; it's right on the mark! :thumbs up: (I hate emojis!)

But you've made it in the general sense, not in the much narrower context of "do I really need Little Snitch", and in that sense, I think that running LS almost solely against the possibility of some bad guy finding a back door into macOS sometime in the future and exploiting it with a new piece of malware with which LS will interfere is overkill in view of the very annoying nature of the beast and the demands it makes (and you apparently reached a similar, if not identical, conclusion).

In fairness, though, I'll install the LS v 4 public beta and see if it's easier to live with.

(I invited LS tech support to participate in this thread, but I guess it's not going to happen.)


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Little Snitch
plantsower #45471 06/30/17 07:03 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: plantsower
When was SIP instituted? Because a couple of years ago on my mid-1012 MBP I downloaded an open source office suite. I can't remember now whose it was. After that my Mac went to a slow crawl. I still had AppleCare at the time and was told to download Malwarebytes. It found it immediately and tossed it. Whew! Everything sped up.

SIP was instituted in El Cap in Sept. 2015.

I'm confused, though, because your symptoms sound more the product of poorly written software than like any kind of malware I've ever heard of.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Little Snitch
Virtual1 #45476 06/30/17 03:56 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: Virtual1
Originally Posted By: artie505
Originally Posted By: plantsower
OK. My mail is definitely acting wonky.

Uhhh... Like WOW! crazy

My Mail.app seems to have become unreliable also. Just last night I moved a message from my inbox to a folder. It did not appear in the folder, and most definitely left the inbox. Search could no longer find it. Fortunately it was easily resent. Never did find the original. I've experienced other weirdness also, I was trying to move an item and the highlight on the folder was not appearing. Relaunch of Mail seems to restore normal behavior. I relaunch mail a lot lately it seems...

My recent experience has been that embedded graphics are being sent, but not delivered unless I package them in folders.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Little Snitch
artie505 #45477 06/30/17 04:15 PM
Joined: Sep 2009
Likes: 3
OP Offline

Joined: Sep 2009
Likes: 3
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


My recent experience has been that embedded graphics are being sent, but not delivered unless I package them in folders. [/quote]


MacBook Pro - M2, Ventura 13.6
Safari Tech Prev 17.0
Safari 16.6
Firefox 116.0.2
iPhone 7 Version 15.8




Re: Little Snitch
plantsower #45478 06/30/17 04:28 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: plantsower
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


My recent experience has been that embedded graphics are being sent, but not delivered unless I package them in folders.

I don't know what my daughters are seeing on the other side, but now that you've mentioned empty squares I'll ask.

When they tell me that they didn't receive, for instance, a screenshot I resend it in a folder.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Little Snitch
artie505 #45479 06/30/17 04:42 PM
Joined: Sep 2009
Likes: 3
OP Offline

Joined: Sep 2009
Likes: 3
I don't get a lot of graphics from friends and family but the commercial ones aren't showing up for sure.

Originally Posted By: artie505
Originally Posted By: plantsower
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


My recent experience has been that embedded graphics are being sent, but not delivered unless I package them in folders.

I don't know what my daughters are seeing on the other side, but now that you've mentioned empty squares I'll ask.

When they tell me that they didn't receive, for instance, a screenshot I resend it in a folder.


MacBook Pro - M2, Ventura 13.6
Safari Tech Prev 17.0
Safari 16.6
Firefox 116.0.2
iPhone 7 Version 15.8




Re: Little Snitch
artie505 #45480 06/30/17 04:43 PM
Joined: Sep 2009
Likes: 3
OP Offline

Joined: Sep 2009
Likes: 3
Well, AppleCare thought it was malware and the malware program removed it immediately and my computer sped up!


Originally Posted By: artie505
Originally Posted By: plantsower
When was SIP instituted? Because a couple of years ago on my mid-1012 MBP I downloaded an open source office suite. I can't remember now whose it was. After that my Mac went to a slow crawl. I still had AppleCare at the time and was told to download Malwarebytes. It found it immediately and tossed it. Whew! Everything sped up.

SIP was instituted in El Cap in Sept. 2015.

I'm confused, though, because your symptoms sound more the product of poorly written software than like any kind of malware I've ever heard of.


MacBook Pro - M2, Ventura 13.6
Safari Tech Prev 17.0
Safari 16.6
Firefox 116.0.2
iPhone 7 Version 15.8




Re: Little Snitch
plantsower #45497 07/01/17 12:27 PM
Joined: Aug 2009
Likes: 8
Offline

Joined: Aug 2009
Likes: 8
Originally Posted By: plantsower
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


Big squares in place of graphics often indicate that the graphics are blocked by the ISP, usually to speed up download of the e-mail or because it thinks it is junk mail. You should see something along the lines of "load remote images" you can click on to make them appear. Also, on the ISP's web site for their mail you may find a setting that controls the display of embedded graphics; change the setting to your liking.


On a Mac since 1984.
Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
Re: Little Snitch
Ira L #45503 07/01/17 03:20 PM
Joined: Sep 2009
Likes: 3
OP Offline

Joined: Sep 2009
Likes: 3
Thanks, Ira. The next time it happens I will try one or both of those approaches, depending if it works right off the bat or not. smile



Originally Posted By: Ira L
Originally Posted By: plantsower
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


Big squares in place of graphics often indicate that the graphics are blocked by the ISP, usually to speed up download of the e-mail or because it thinks it is junk mail. You should see something along the lines of "load remote images" you can click on to make them appear. Also, on the ISP's web site for their mail you may find a setting that controls the display of embedded graphics; change the setting to your liking.


MacBook Pro - M2, Ventura 13.6
Safari Tech Prev 17.0
Safari 16.6
Firefox 116.0.2
iPhone 7 Version 15.8




Page 2 of 2 1 2

Moderated by  alternaut, dianne, MacManiac 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.035s Queries: 51 (0.027s) Memory: 0.6897 MB (Peak: 0.8539 MB) Data Comp: Zlib Server Time: 2024-03-29 06:03:06 UTC
Valid HTML 5 and Valid CSS