Editorial
Little Snitch, ZoneAlarm, Outbound Firewalls, Blech!
June 30th, 2009 at 11:15 AM - Columns and Opinions by Dave Hamilton
On last week's Mac Geek Gab Podcast episode 208, I got into a frothy rant about Little Snitch and other applications like it. My podcasting compatriot, John F. Braun, disagreed with me "on air," and John Martellaro, esteemed writer on the TMO staff, wrote an editorial doing the same.
There are a few things to set straight because, clearly, they've both been misled.
For the record, I do not mean to single out Little Snitch here, though clearly he's the fall guy in all of this (and I'm sure the kind folks at Objective Development have some unkind opinions of my words!). My concern extends beyond that one app and out to the whole class of "outbound firewall" applications and system monitors that go out of their way to tell users exactly what's going on with the traffic leaving their computers. In addition to Little Snitch, these tools include components of ZoneAlarm, Norton Internet Security, and NetBarrier. My full and complete loathing of these tools comes from the fact that they are marketed to everyone despite the fact that they're really only valuable to a small subset of the computing world. Moreover, they're quite dangerous to everyone else.
What do they do?
In a nutshell, an "outbound firewall" monitors all the traffic and requests leaving your computer, allowing you to ensure that nothing malicious is happening and that no sensitive data is being sent without your approval. On the surface this sounds like a very good thing. The marketing departments at these various companies know this and capitalize on it with phrases like, "keeps your online identity safe," "protect your privacy," and "extreme security." These all sound like things I want to do, and likely so do you.
Complacency Training
The problem with these apps comes in the implementation. None of these programs truly knows what YOU define as private, sensitive, or safe. To be fair, they all in some way try to be a little intelligent about it, but they have to err on the side of caution. After all, if the application developer decides that revealing your data to Apple's servers is OK but you do not, then the application fails. So these apps have to be written to be over-protective, by default, and that's the problem.
Most casual users will buy into the marketing message, install one of these apps, and then be treated to an onslaught of notifications. For testing purposes, I installed Little Snitch this morning after which I had to reboot. When my machine came back up I was presented with twenty-two (yes, 22!) individual confirmation dialogs, most of which were quite cryptic. After about 4 of these I was ready to call it quits but I hung in there just for you. After 15, my mousing hand and fingers were trained to click "Any Connection" and "Forever" just to get the things out of my way. Very quickly, the shift was made. Instead of me training Little Snitch, it was training me... to ignore it. That's right, before I even launched my first app I learned how to get Little Snitch out of my way quickly so I could get to work.

The Gear's Up, and Your Coffee Is Getting Cold
In his retort, John Martellaro likened Little Snitch's alerts to the "gear still up" warning light in an aircraft. He posited that no pilot would opt to disable that warning light even if he or she never accidentally set a plane down on its belly. I agree wholeheartedly with John's presumption of every pilot's wishes in this regard. But there's a flaw with John's example that I'd like to fix. Instead of the "gear still up" light coming on just when the plane slows down and, you know, the gear's still up, let's turn it on any time the plane slows down, regardless of whether or not the gear is up. Let's also turn it on if the pilot's seatbelt isn't fastened. Oh and how about when it gets a little chilly in the back for the passengers? That sounds like a good thing for the pilot to know, as well. I also think it's important the pilot's aware if there are other planes within several miles. Let's go ahead and use the same light for that. Now we're getting closer to the behavior of Little Snitch and other outbound firewall apps. That *single* light will now come on for important and trivial purposes. If I were the pilot, I'd take the pen out of my logbook and bash the light until it went dark forever. At the very least, I would learn to ignore it.
Experience Dictates Opinion
It's my years as a computer consultant that make me very wary of apps like this. If my interaction with outbound firewalls were limited to just me using my computer, I wouldn't have as much of an issue here. I understand what each and every one of these warnings means and, for the most part, I fully grok the subtle nuances of allowing or denying each type of traffic. But casual users, almost by definition, do not. I can't tell you how many times I was called (and how many hours I billed!) because someone was having a problem with their computer that they had caused (or allowed) due to one of these outbound firewalls. Either the user was lulled into a false sense of security just because it was installed (despite the fact that they "allowed" every bit of traffic to pass) or they had erred on the side of caution and, like the listener to our podcast that prompted all of this, unknowingly denied some activity that they actually wanted to allow, in turn causing their computer to malfunction.
If You Use It, You're On Your Own
There are definitely good reasons to use a piece of software like Little Snitch and its ilk. If you fully understand (or are willing to research to gain the understanding of) what the app is telling you and what the consequences for your choices are, Little Snitch can be an extremely valuable tool in protecting your privacy and computer security. John Martellaro and John F. Braun certainly fall into this category of user and, for them, I think Little Snitch is a good tool to use. But they're also the type of people who would rarely, if ever, solicit help for solving a problem on their computers. They are both pro-quality troubleshooters who, in almost all cases, easily have the understanding required to solve their own problems.
But if you're someone who would regularly call a consultant or knowledgeable friend for help, please do yourself and whomever you're going to call a favor and never install an application like this. It will waste your time and annoy the consultant.
24 Observer Comments
I think, bearing in mind that I’m sure I’ve heard you advocate software such as MenuMeters, another monitoring application that displays information the computer layman probably doesn’t understand or need to know about, you’re being a bit over the top here.
Fair enough, you don’t like LittleSnitch, but you don’t deny there is a need for software like this, just like there is a need for computer users to be a bit more savvy about what is going on inside and outside their machines to prevent the infection by and spread of malicious programs. I am a fairly advanced Mac user and it was LittleSnitch that saved me when I noticed that someone had tapped into my sshd server without me knowing about it and was dragging stuff off my machine (I’d enabled the server and forgotten to protect it). Without LS I would have been seriously compromised. If people took the time to learn just what being on a network is all about, software - when it is done well like LittleSnitch - is an essential app.
I bought Little Snitch as part of a bundle. Installed it. And immediately uninstalled it. In the right hands, it’s probably a great app. Not for me, however. Much too complicated for my mind to wrap around.
Dave, you are totally right.
Little Snitch - et al, do serve a purpose but the way they are implemented does brainwash users (even highly experienced techies) to keep pressing accept.
I would go further and say that the way Microsoft have implemented “User Account Controls” has exactly the same sort of problems, UAC is so badly implemented - even in Windows 7, that users are ‘trained’ to either keep saying yes, or turn it off (or down) as much as possible.
As Apple with their equivalent of UAC have in my opinion got it just about right, I believe it is possible to solve.
With regards to Little Snitch, Zone Alarm, etc. they have not, and unless I was looking for a specific already known type of activity to specifically block, I would also regard them as more of a hindrance than a benefit.
Good rant on episode 208 Dave. I was laughing as you were describing the compulsive “Allow” clickers. I’ve had similar experiences. People ask for help but when you get there they click on everything without giving you a chance to even read it and then they wonder why they are in the situation they’re in. Is this something Windows has trained people to do? (I’ve even had people come to me in a panic because all of their files are gone from their USB flash drive. Seems they got a message asking them to format and they clicked the little “ok” without even thinking about it or knowing what it would do.) I decided to try out Little Snitch and yes, I was immediately bombarded with a screen quickly filling with notifications asking me what I wanted to do. I’m not claiming to be an expert but I’m also not a newbie. If you don’t truly know what you’re reading, then I would agree that you shouldn’t be messing with such Apps. But if you want to learn and have much free time then research all those notifications to learn what they truly mean. (And I mean much time). It can be a good learning experience if you don’t start randomly clicking just to get rid of pop-ups. Little Snitch is now gone from my comp. I will just clarify that I am not against all Apps that may fall into this category or similar categories. A comment by “Lemon” brings up MenuMeters, which I use and do find useful. It all comes down to use it if you truly know what you’re doing.
With all respects to JM I have to agree. While these monitoring and firewall tools are fine for those of us who know what the alerts are and how to respond they are just annoying FOR THE AVERAGE USER.
To further beat the aviation analogy, I’d compare it to turning the gear up light on for a lot of things and putting one in front of every passenger. They don’t know what it means and can’t really do anything about it anyway. I know it sounds dismissive but I’ve found that on the whole your average user doesn’t want to know what’s going on behind the scenes. They want to turn it on and type. A pop-up box saying something is an annoyance and they quickly learn that they make it go away by clicking Yes. After a short time the system is trained to allow just about everything through anyway.
This is getting almost as good as a Pillow Fight on Facebook
I bought Little Snitch as part of a bundle. I went through the sea of popups, Googling some of the more cryptic ones to find out if they were legitimate Unix processes or a trojan horse I’d inadvertently downloaded. It was a long process and even a few days later I was still seeing new popups as things like Software Update and the built-in version checking in my apps did their thing. I expected that Little Snitch would need to be trained so I didn’t get frustrated. In fact it was a great learning experience finding out what my Mac was doing behind my back.
All was not peaches and cream, however. The morning after the install my wife called me at work to yell at me. Little Snitch rules are user specific so all the configuring I’d done for myself needed to be done in her account too. I tried to calm her down by saying it was security software and that I’d get everything sorted out when I got home.
That evening we logged into her account and she did her normal tasks while I sat there to say “yes” or “no” to the firewall. Now if she encounters an outbound firewall warning it’ll be a legitimate cause for concern.
We’d have a lot fewer trojan horse attacks and a lot less spam if people were just a tiny bit smarter about how they use their computer. Going through the process of configuring an outbound firewall is a crash course in sensible computing everyone should take.
I have a much better aviation analogy for you. On the internet we don’t have pilots and passengers. Each “passenger” has their own plane and there is no process in place to see if they know how to fly one.
I completely agree with Bregalad. Little Snitch (and other outbound firewalls) is only frustrating for the few days while it’s learning and establishing rules. Once it knows your system and software it’s pretty smooth sailing. So you happen to see a program trying to connect that you’ve never heard of, well a quick search of Google will tell you exactly why SystemUIServer wants to connect to UDP port 192 for example. And _that_ knowledge is beneficial. And after all if you didn’t have Little Snitch installed it would connect anyway.
The morning after the install my wife called me at work to yell at me.
Oh man. I’ve been there…
I have to say, I am stunned at the amazingly dimwitted opinions being expressed here.
“I hate outgoing firewalls because they show me that my computer is connecting out to the internet far more than I thought it did”
<sarcasm>
Yeah, the problem is clearly in the firewall software.
</sarcasm>
Anyone who is “quickly bombarded” by messages from LittleSnitch must be using BitTorrent or something similar - there is no way a base-line OSX install needs to talk to the outside world as much as people are complaining about here.
If you have a program that you don’t care about, it’s one click to let it do anything forever. And if you can’t identify what a particular program is, don’t you think that perhaps you should search a little harder?
I don’t think anyone here is running an abnormally large number of strange things. Who doesn’t have “set date & time automatically” and Software Update turned on? Most apps these days do automatic version checking at start up and need to be given permission.
Here at work I have 88 user defined rules set up in Little Snitch. They range from obvious things like letting FireFox and iTunes connect on port 80 to the truly cryptic like allowing aosnotifyd and oscpd to make TCP connections. The latter two, and a bunch of others, are needed if you want MobileMe to work.
I am dismayed at the number of people who casually dismiss dialogs without understanding or even reading them. It’s no wonder 98% of email is spam and phishing schemes are everywhere.
Dear Dave, et al.
I’m a first time writer.
I was mad as heck tonight reading your LittleSnitch opinion, but then some reason came back into the discussion when I started reading all the retorts. I am satisfied that there are a lot of wise Mac people here, and just had to write to add my 2¢ worth on this specific subject, LittleSnitch.
I have been using it since it hit the street, and I, too, feel that it has saved my bacon more than once. I think it’s the greatest thing since sliced toast and just an extra security tool we don’t (Presently) have in X. And yes, it took a day and a half to mainly educate it a long time ago, but I sure did appreciate it again when it asked me just this morning about one I denied without enough identifying information, and there is never any consequence. This only happens rarely, but it has and regularly does happen.
I am a retired old Mac programmer back in the Motorola days, but still feel like a Newby in X at times. LittleSnitch adds a new comfortable security level for me that doesn’t come with my Mac.
I have learned, on a few occasions, 207 accumulated Rules to be exact, that are necessary for me, and they are each bona fide outfits I need to have my computer automatically communicate when they are launched and running.
Of those 207 times over the years there have been maybe 5-6, I’ve had to use WhoIs to be satisfied that I should or shouldn’t allow it. It’s not difficult, and you might be surprised how many things are routinely talking to your computer without your knowledge and certainly not your approval.
It hasn’t happened, legitimately but maybe 15-20 times since original installation that LittleSnitch has interceded demanding external communications, but in each occurrence it was about to gain what they wanted when LittleSnitch intervened. Call me a Newby or naive, but I want to know and approve of all transmissions from my machine. I can’t imagine you wanting anything less.
I think that the main point not discussed here is LittleSnitch’s capabilities of an extra level of security. It’s just one tool, but it provides an improvement during an ever menacing Internet experience. I have run into some sites that refused to stop “checking my security” that I finally had to force quit my browser.
I believe every user would profit from using a program like LittleSnitch, and the smart ones will. There are bad guys out there.
Thanks for listening to my rant.
Not to be the annoying “I’m a mac user and I’m immune to bugs” person, but to my knowledge nobody’s actually made a botnet of macs—convincing the entire mac community to embrace these programs is not going to stop spam e-mail.
I can respect that different people have different expectations or demands for internet privacy, but in general, I am convinced that keeping my personal data encrypted is a sufficient protection from malicious outbound traffic, and I have no problem with software developers retrieving metrics or google storing my search history.
Dave,
I couldn’t agree with you more. I downloaded Little Snitch and immediately got hit with dozens of messages “Do you want ....?” Of course I clicked Forever but some of these I had no idea what they meant. So, one time I said something like do not send. What I didn’t know was that was an email I was sending. Of course it didn’t reach its destination so I had to search for what happened. Finally found Little Snitch was the problem and deleted it. My problem was LS kept interrupting my work flow.
It would seem to me that the developers could come up with a way to allow the user to define what was good outgoing material and what was “evil” outgoing material.
Is everyone deliberately avoiding the issue of Little Snitch being used to stop pirated software from phoning home?
I can see no other reason for the average user to need outbound firewall applications.
It seems to me that this discussion has all the symptoms of the “Are You Sure?” syndrome. This syndrome has been around since the 1970s when the IT professionals designed the first on-line mainframe applications and, for the first time, “end-users” had a direct, instant connection with the application. In those days the likes of Tom Gilb and Edsger Dijkstra had a lot to say about system design. In particular, not confusing technical attributes with function; and the folly of presenting the user with choices that were either unnecessary or choices which couldn’t be made because the user did not have the requisite skill and knowledge.
Today this means that if you find the functions of Little Snitch useful and you have the skill and knowledge to use it and make the decisions it demands - then use it.
If not - Don’t!
And that’s no different to any other app.
The particular problem here is that some experts seem to be suggesting that even Casual Users (by Dave’s Definition) should have a) a need for outbound firewalls and b) the skill and knowledge to use them effectively. If that’s true then millions of Mac Casual Users should be worried ..... and Apple (not its customers) should do something about it.
I use Little Snitch and I do find it incredibly useful. Once it’s been trained and you’ve added your own rules to it, it isn’t intrusive in the slightest, really. I would agree though that it’s definitely more of an Admin tool, and the average user probably wouldn’t benefit much from it, but I think most people would be astonished how frequently their information is going out, even just to Apple from within the OS itself. If you know what you’re doing this is a handy little tool.
The problem is not with the outbound firewalls, but with the intrusive, privacy-violating developers who write apps that phone home (and who knows where else), sending and receiving unknown information, without your knowledge or permission.