An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Page 2 of 2 < 1 2
Topic Options
#45432 - 06/28/17 07:55 AM Re: Little Snitch [Re: artie505]
joemikeb Online
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: artie505
Great post, thanks, but you didn't mention that Little Snitch also monitors calls out by Apple and 3rd party apps and system processes, not to mention the nasty stuff that inspired both it and SIP.

You're right I probably should have mentioned that Lil Snitch monitors all outgoing traffic. I focused on cookies et al. as the traffic users are most likely to block. SIP prevents external products from modifying system files. In fact if one is changed or deleted, SIP replaces the changed or deleted file with an image of the original file. I am unclear on how that would relate to what Lil Snitch does confused

Originally Posted By: artie505
Thinking about it, does SIP negate the necessity for LS and the other "paranoiaware" out there, or are there still unprotected areas of vulnerability?
  1. Security is multi-faceted and there is no single solution that covers them all.
    1. SIP protects system files from modification by malware (and as an added bonus from ill-advised user actions)
    2. Lil Snitch monitors and can prevent applications, cookies, and (lest we forget) even system files from "phoning home" with information about the user and her/his identity and/or browsing habits.
  2. Unquestionably there are still vulnerabilities that can be exploited. Any protection created by the human mind can be defeated by the human mind.
  3. Security is not a war that can ultimately be won. As with all crime it is a running battle with constantly evolving tools and tactics on both sides.
  4. Absolute security is a myth
  5. Security demands…
    1. Constant vigilance
    2. Keeping systems and software scrupulously up to date
    3. Constant vigilance
    4. Continual re-evaluation of your protections and what is or is not working
    5. Constant vigilance
    6. Strking a balance between security and usability
    7. Constant vigilance
Do you detect a pattern? smile
_________________________
joemikeb • moderator

Top
#45436 - 06/28/17 08:28 AM Re: Little Snitch [Re: artie505]
plantsower Offline


Registered: 09/13/09
Loc: Burson, CA
I plan on calling AppleCare after I get my wireless headset so I can be hand free when I talk to them. I can show them some stuff in my mail that doesn't look right anyway. It's great that they can share the screen. It saves a lot of explanation and misunderstandings.

Luckily, the inbox messages that disappeared when I deleted that one message in the trash folder were still on the Yahoo server and I retrieved them and put them in a different folder.

I will be able to show them in real time how I trash an item and it never ends up in the trash. I know they will want to see my prefs, but they will that I have it set up correctly unless there is s something I am just to seeing. Time will tell.



Originally Posted By: artie505
Originally Posted By: plantsower
OK. My mail is definitely acting wonky. All of a sudden I had something in my trash which I never put there. I knew b/c I had a number above my mail icon. I checked and it was definitely trash. I emptied it and it also emptied my inbox which had all my fine tuned Mac stuff which I hadn't responded to yet! Damn it! AppleCare will be getting a call soon but sometimes they just don't know what to do. mad

Uhhh... Like WOW! crazy

That makes absolutely no sense to me. Are you running any Mail plugins or anything else that affects Mail's behavior?

You're going to have an awful hard time explaining your problems to AppleCare without showing them hard evidence, so if the same thing happens again, call before you do anything else.
_________________________
MacBook Pro - Sierra 10.12.6, Safari 11.1




iPhone 5s Version 9.3.2 iTunes 12.4.0.119

Top
#45438 - 06/28/17 08:30 AM Re: Little Snitch [Re: Virtual1]
plantsower Offline


Registered: 09/13/09
Loc: Burson, CA
I'm sorry you are having that problem, but then again, I know now that it's not just me. I've been looking for an alternative mail program without much luck. I want it to be free and very easy to use.

I tried Thunderbird and didn't care for it. I tried Opera yesterday and things weren't working there either.

Originally Posted By: Virtual1
Originally Posted By: artie505
Originally Posted By: plantsower
OK. My mail is definitely acting wonky. All of a sudden I had something in my trash which I never put there. I knew b/c I had a number above my mail icon. I checked and it was definitely trash. I emptied it and it also emptied my inbox which had all my fine tuned Mac stuff which I hadn't responded to yet! Damn it! AppleCare will be getting a call soon but sometimes they just don't know what to do. mad

Uhhh... Like WOW! crazy

That makes absolutely no sense to me. Are you running any Mail plugins or anything else that affects Mail's behavior?

My Mail.app seems to have become unreliable also. Just last night I moved a message from my inbox to a folder. It did not appear in the folder, and most definitely left the inbox. Search could no longer find it. Fortunately it was easily resent. Never did find the original. I've experienced other weirdness also, I was trying to move an item and the highlight on the folder was not appearing. Relaunch of Mail seems to restore normal behavior. I relaunch mail a lot lately it seems...
_________________________
MacBook Pro - Sierra 10.12.6, Safari 11.1




iPhone 5s Version 9.3.2 iTunes 12.4.0.119

Top
#45449 - 06/28/17 04:10 PM Re: Little Snitch [Re: plantsower]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
Originally Posted By: plantsower
I have been thinking about adding Little Snitch to my extensions. When reading the reviews, it is referred to as a firewall. I don't know if Adware or any other ad- stopping extension is considered a firewall but.......way back my ISP guy (small company) said that my modem or was it my router - had a firewall built in and if I put up the firewall in my Mac they could conflict. So, I never did that.

I am wondering if Little Snitch (if it is a firewall)I would conflict with the firewall in my modem more router? He also calls the modem a radio.


Okay, from the top:

A firewall is a program or a piece of hardware that stops programs or computers on the Internet from connecting to your computer.

Your ISP guy is correct. Every modern router and cable modem/router combo has a built-in firewall, called a "NAT firewall." This is an extremely robust firewall that, for the most part, makes software firewalls like the one built into macOS redundant. And indeed, multiple firewalls can conflict, if you want another computer to connect to you. You must configure both firewalls to permit this.

When do you want another computer to connect to you? Any time you want someone to be able to reach you over the Internet. Why might you want that? Because you're hosting a game, because you're running a file server so that you can access your files at home when you are on the road, because you want to be able to use Find My Mac or Back To My Mac, because you want to be able to control your computer when you're on the road, and so on.

Little Snitch is not a firewall. Little Snitch stops programs on your computer from talking to the Internet.

Examples of programs on your computer that talk to the Internet include:

Your email program.
Your Web browser.
Apple Software Update.
Video games.
FTP programs.
Skype.
Messenger.
Chat software.
Any program that uses an automatic updater.
Adobe software (Photoshop, Lightroom, Indesign, and so on).

Basically, most modern programs talk to the Internet. Little Snitch blocks them unless you allow then to connect.

Little Snitch won't conflict with firewalls, because they do different things.

Also, your router is indeed a radio. When you connect by WiFi, your computer is talking to your router with radio waves.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

Top
#45450 - 06/28/17 05:23 PM Re: Little Snitch [Re: tacit]
artie505 Online


Registered: 08/04/09
Great explanation, tacit!

But, like joemike, you didn't mention the myriad OS X/macOS processes that - literally - inundate you with Little Snitch pop-ups. I invariably allow them forever with the exception of anything that sounds like it deals with location, which I invariably deny forever (even with Location Services turned off). (As per LS's devs, v 4 will have an option to allow system calls by default.)

The only calls out that concern me are those from
  • Safari
  • Mail, and
  • malware,
the latter having been my impetus to install LS in the first place, but hasn't the risk of malware declined significantly, if it hasn't disappeared altogether, since the advent of SIP?

And as for Safari, I haven't seen many LS pop-ups at all since I established blanket "allow" rules for ports 80 and 443.

Which leaves Mail, which has never been a malware conduit on the Mac platform, but which pops up endless requests to connect to images.

Bottom line is that unless there are avenues that malware can exploit in the presence of SIP, it seems to me like Little Snitch has had its day...that it lives on only because of paranoia.

It may include functionality that's useful, if not necessary, on the enterprise level, but for those of us here...it looks dead to me.

(OK, yes, there are people who d/l stuff from spurious sources who should run LS, but that's not paranoia, it's reality.)

And YES! I just turned LS off; it'll be nice to work without having to deal with endless "boy who cried wolf" pop-ups. smile laugh cool
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#45452 - 06/28/17 05:54 PM Re: Little Snitch [Re: tacit]
plantsower Offline


Registered: 09/13/09
Loc: Burson, CA
Thank you. You're a good teacher.


Originally Posted By: tacit
Originally Posted By: plantsower
I have been thinking about adding Little Snitch to my extensions. When reading the reviews, it is referred to as a firewall. I don't know if Adware or any other ad- stopping extension is considered a firewall but.......way back my ISP guy (small company) said that my modem or was it my router - had a firewall built in and if I put up the firewall in my Mac they could conflict. So, I never did that.

I am wondering if Little Snitch (if it is a firewall)I would conflict with the firewall in my modem more router? He also calls the modem a radio.


Okay, from the top:

A firewall is a program or a piece of hardware that stops programs or computers on the Internet from connecting to your computer.

Your ISP guy is correct. Every modern router and cable modem/router combo has a built-in firewall, called a "NAT firewall." This is an extremely robust firewall that, for the most part, makes software firewalls like the one built into macOS redundant. And indeed, multiple firewalls can conflict, if you want another computer to connect to you. You must configure both firewalls to permit this.

When do you want another computer to connect to you? Any time you want someone to be able to reach you over the Internet. Why might you want that? Because you're hosting a game, because you're running a file server so that you can access your files at home when you are on the road, because you want to be able to use Find My Mac or Back To My Mac, because you want to be able to control your computer when you're on the road, and so on.

Little Snitch is not a firewall. Little Snitch stops programs on your computer from talking to the Internet.

Examples of programs on your computer that talk to the Internet include:

Your email program.
Your Web browser.
Apple Software Update.
Video games.
FTP programs.
Skype.
Messenger.
Chat software.
Any program that uses an automatic updater.
Adobe software (Photoshop, Lightroom, Indesign, and so on).

Basically, most modern programs talk to the Internet. Little Snitch blocks them unless you allow then to connect.

Little Snitch won't conflict with firewalls, because they do different things.

Also, your router is indeed a radio. When you connect by WiFi, your computer is talking to your router with radio waves.
_________________________
MacBook Pro - Sierra 10.12.6, Safari 11.1




iPhone 5s Version 9.3.2 iTunes 12.4.0.119

Top
#45454 - 06/28/17 11:38 PM Re: Little Snitch [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
Originally Posted By: artie505
Great post, thanks, but you didn't mention that Little Snitch also monitors calls out by Apple and 3rd party apps and system processes, not to mention the nasty stuff that inspired both it and SIP.

You're right I probably should have mentioned that Lil Snitch monitors all outgoing traffic. I focused on cookies et al. as the traffic users are most likely to block. SIP prevents external products from modifying system files. In fact if one is changed or deleted, SIP replaces the changed or deleted file with an image of the original file. I am unclear on how that would relate to what Lil Snitch does confused

Little Snitch's most important function, to my mind, at least, was alerting users to outgoing calls from malware placed by bad guys in areas that can no longer be accessed because of SIP.

Originally Posted By: joemikeb
Originally Posted By: artie505
Thinking about it, does SIP negate the necessity for LS and the other "paranoiaware" out there, or are there still unprotected areas of vulnerability?
  1. Security is multi-faceted and there is no single solution that covers them all.
    1. SIP protects system files from modification by malware (and as an added bonus from ill-advised user actions)
    2. Lil Snitch monitors and can prevent applications, cookies, and (lest we forget) even system files from "phoning home" with information about the user and her/his identity and/or browsing habits.
  2. Unquestionably there are still vulnerabilities that can be exploited. Any protection created by the human mind can be defeated by the human mind.
  3. Security is not a war that can ultimately be won. As with all crime it is a running battle with constantly evolving tools and tactics on both sides.
  4. Absolute security is a myth
  5. Security demands…
    1. Constant vigilance
    2. Keeping systems and software scrupulously up to date
    3. Constant vigilance
    4. Continual re-evaluation of your protections and what is or is not working
    5. Constant vigilance
    6. Strking a balance between security and usability
    7. Constant vigilance
Do you detect a pattern? smile

Of course, but I was really asking whether, SIP notwithstanding, there are still areas of OS X/macOS in which bad guys can place the sort of malware we've seen over the years...the sort of malware that LS can intercede against?

I don't recall a single such threat having arisen since SIP was instituted.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#45462 - 06/29/17 08:38 AM Re: Little Snitch [Re: artie505]
plantsower Offline


Registered: 09/13/09
Loc: Burson, CA
When was SIP instituted? Because a couple of years ago on my mid-1012 MBP I downloaded an open source office suite. I can't remember now whose it was. After that my Mac went to a slow crawl. I still had AppleCare at the time and was told to download Malwarebytes. It found it immediately and tossed it. Whew! Everything sped up. It hasn't found anything since then, though. They supposedly keep it updated, but I am sure they don't have all the malware in their bag of tricks.


Of course, but I was really asking whether, SIP notwithstanding, there are still areas of OS X/macOS in which bad guys can place the sort of malware we've seen over the years...the sort of malware that LS can intercede against?

I don't recall a single such threat having arisen since SIP was instituted. [/quote]
_________________________
MacBook Pro - Sierra 10.12.6, Safari 11.1




iPhone 5s Version 9.3.2 iTunes 12.4.0.119

Top
#45464 - 06/29/17 10:09 AM Re: Little Snitch [Re: artie505]
joemikeb Online
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: artie505
Of course, but I was really asking whether, SIP notwithstanding, there are still areas of OS X/macOS in which bad guys can place the sort of malware we've seen over the years...the sort of malware that LS can intercede against?

I don't recall a single such threat having arisen since SIP was instituted.

I reiterate: Anything the human mind can create the human mind can defeat — eventually. SIP is an excellent safeguard and as you point out is working very well but it is no panacea. All it takes is one malware developer discovering a hitherto unknown or unexpected vulnerability and as Sherlock Holmes would say, "The game is afoot".

For the average user the biggest security venerability is their own ignorance of the threats. For the more technically aware it is complacence. With that in mind each person must strike their own balance among the competing elements of security, convenience, and usability. I am trying to encourage you to avoid the trap of complacency.
_________________________
joemikeb • moderator

Top
#45470 - 06/29/17 11:33 PM Re: Little Snitch [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
I am trying to encourage you to avoid the trap of complacency.

That's far from the first time you've made that point, and I always appreciate it; it's right on the mark! :thumbs up: (I hate emojis!)

But you've made it in the general sense, not in the much narrower context of "do I really need Little Snitch", and in that sense, I think that running LS almost solely against the possibility of some bad guy finding a back door into macOS sometime in the future and exploiting it with a new piece of malware with which LS will interfere is overkill in view of the very annoying nature of the beast and the demands it makes (and you apparently reached a similar, if not identical, conclusion).

In fairness, though, I'll install the LS v 4 public beta and see if it's easier to live with.

(I invited LS tech support to participate in this thread, but I guess it's not going to happen.)
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#45471 - 06/30/17 12:03 AM Re: Little Snitch [Re: plantsower]
artie505 Online


Registered: 08/04/09
Originally Posted By: plantsower
When was SIP instituted? Because a couple of years ago on my mid-1012 MBP I downloaded an open source office suite. I can't remember now whose it was. After that my Mac went to a slow crawl. I still had AppleCare at the time and was told to download Malwarebytes. It found it immediately and tossed it. Whew! Everything sped up.

SIP was instituted in El Cap in Sept. 2015.

I'm confused, though, because your symptoms sound more the product of poorly written software than like any kind of malware I've ever heard of.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#45476 - 06/30/17 08:56 AM Re: Little Snitch [Re: Virtual1]
artie505 Online


Registered: 08/04/09
Originally Posted By: Virtual1
Originally Posted By: artie505
Originally Posted By: plantsower
OK. My mail is definitely acting wonky.

Uhhh... Like WOW! crazy

My Mail.app seems to have become unreliable also. Just last night I moved a message from my inbox to a folder. It did not appear in the folder, and most definitely left the inbox. Search could no longer find it. Fortunately it was easily resent. Never did find the original. I've experienced other weirdness also, I was trying to move an item and the highlight on the folder was not appearing. Relaunch of Mail seems to restore normal behavior. I relaunch mail a lot lately it seems...

My recent experience has been that embedded graphics are being sent, but not delivered unless I package them in folders.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#45477 - 06/30/17 09:15 AM Re: Little Snitch [Re: artie505]
plantsower Offline


Registered: 09/13/09
Loc: Burson, CA
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


My recent experience has been that embedded graphics are being sent, but not delivered unless I package them in folders. [/quote]
_________________________
MacBook Pro - Sierra 10.12.6, Safari 11.1




iPhone 5s Version 9.3.2 iTunes 12.4.0.119

Top
#45478 - 06/30/17 09:28 AM Re: Little Snitch [Re: plantsower]
artie505 Online


Registered: 08/04/09
Originally Posted By: plantsower
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


My recent experience has been that embedded graphics are being sent, but not delivered unless I package them in folders.

I don't know what my daughters are seeing on the other side, but now that you've mentioned empty squares I'll ask.

When they tell me that they didn't receive, for instance, a screenshot I resend it in a folder.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#45479 - 06/30/17 09:42 AM Re: Little Snitch [Re: artie505]
plantsower Offline


Registered: 09/13/09
Loc: Burson, CA
I don't get a lot of graphics from friends and family but the commercial ones aren't showing up for sure.

Originally Posted By: artie505
Originally Posted By: plantsower
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


My recent experience has been that embedded graphics are being sent, but not delivered unless I package them in folders.

I don't know what my daughters are seeing on the other side, but now that you've mentioned empty squares I'll ask.

When they tell me that they didn't receive, for instance, a screenshot I resend it in a folder.
_________________________
MacBook Pro - Sierra 10.12.6, Safari 11.1




iPhone 5s Version 9.3.2 iTunes 12.4.0.119

Top
#45480 - 06/30/17 09:43 AM Re: Little Snitch [Re: artie505]
plantsower Offline


Registered: 09/13/09
Loc: Burson, CA
Well, AppleCare thought it was malware and the malware program removed it immediately and my computer sped up!


Originally Posted By: artie505
Originally Posted By: plantsower
When was SIP instituted? Because a couple of years ago on my mid-1012 MBP I downloaded an open source office suite. I can't remember now whose it was. After that my Mac went to a slow crawl. I still had AppleCare at the time and was told to download Malwarebytes. It found it immediately and tossed it. Whew! Everything sped up.

SIP was instituted in El Cap in Sept. 2015.

I'm confused, though, because your symptoms sound more the product of poorly written software than like any kind of malware I've ever heard of.
_________________________
MacBook Pro - Sierra 10.12.6, Safari 11.1




iPhone 5s Version 9.3.2 iTunes 12.4.0.119

Top
#45497 - 07/01/17 05:27 AM Re: Little Snitch [Re: plantsower]
Ira L Offline


Registered: 08/13/09
Loc: California
Originally Posted By: plantsower
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


Big squares in place of graphics often indicate that the graphics are blocked by the ISP, usually to speed up download of the e-mail or because it thinks it is junk mail. You should see something along the lines of "load remote images" you can click on to make them appear. Also, on the ISP's web site for their mail you may find a setting that controls the display of embedded graphics; change the setting to your liking.
_________________________
On a Mac since 1984.
Currently: 27" iMacs, Macbook Air, macOS 10.14.x,; iPhones, iPods and iPads galore!

Top
#45503 - 07/01/17 08:20 AM Re: Little Snitch [Re: Ira L]
plantsower Offline


Registered: 09/13/09
Loc: Burson, CA
Thanks, Ira. The next time it happens I will try one or both of those approaches, depending if it works right off the bat or not. smile



Originally Posted By: Ira L
Originally Posted By: plantsower
Is there a way to get graphics in emails without having to go back to the source website like Yahoo? Lately I've been getting emails with just squares and no pics.


Big squares in place of graphics often indicate that the graphics are blocked by the ISP, usually to speed up download of the e-mail or because it thinks it is junk mail. You should see something along the lines of "load remote images" you can click on to make them appear. Also, on the ISP's web site for their mail you may find a setting that controls the display of embedded graphics; change the setting to your liking.
_________________________
MacBook Pro - Sierra 10.12.6, Safari 11.1




iPhone 5s Version 9.3.2 iTunes 12.4.0.119

Top
Page 2 of 2 < 1 2

Moderator:  alternaut, dianne, MacManiac