Little Snitch alternatives?
 

are there apps which do what Little Snitch does better or differently? What are the feelings as to whether little snitch is actually effective at its advertised purpose?

a

It works for me...

My opinion (same as a lot of other folks, I think) - Little Snitch does what it promises.
It is effective...
You can choose to make it less effective through the settings/rules - or pretty much lock down your internet connection so you can't connect to anything. LS will allow you to make that choice '-)
If you are looking for a FREE app that does what Little Snitch does - good luck with that :D

Fair enough!

Little Snitch is very effective about making you worry and spend time researching perfectly innocent network calls.

It may catch malware in the event that you contract some, but at the cost of all the "False positives" it throws up of harmless connections.

Little Snitch is an excellent outgoing firewall/network monitor for advanced users and in same breath 99% of users do not need it ;-)

Overall there are options ie. front end GUI for PF firewall written by Hayne here on macosxhints.
http://www.hanynet.com/icefloor/

Effectively PF firewall is top notch in my book and glad it was brought into OS X network stack from 10.7 onwards.

my beef with Snitch is that it thinks it's the absolute center of the total known universe.

Why?

It insists that its warning boxes A) get right up in your grill and B) won't get out of the way, even if you're typing mid-word or doing something truly imporant.

The sun will not explode if I do not deal with a Little Snitch warning; my set up is no permission unless I grant it; so Little snitch can kindly take a pill and sit down.

I would like to see more brains-based behavior in LS. Stop dinging me with 2, 3,4,5,6 or more warnings of all permutations of the same thing; save them up and present me with the list of them all. sifting through mail is classic; you select a mail that's junk and you're trying to delete and suddenly a barrage of half a dozen LS items in a row, bing! bing! bing! bing! bing! I need that like I need another hole in my head.

I guess it's doing its job. I want it to stop interfering with ME doing MINE.

my 2 cents

a

Nope - not me.
Note that web site is: hanynet.com
My web site is: hayne.net

im in the same boat with you. i just posted in another thread how LS threw up 61 denys for fpsaud (flash player secure update) while i was away for a few days. what made me seek this board out was a google search talking about fpsaud, and little snitch freaking out. worst part is, i HAVE a rule set up to allow the connection - LS keeps asking me to approve it again, to the exact same IP and server. in fact, it just asked me to approve it again - 16 times. in a row. whilst hijacking what i was doing. exactly as you said, bing! bing! bing! bing! bing! bing! bing! bing! i nearly threw my mouse across the room.

i miss LS version 1. it was not nearly as obtrusive as v2 and v3 have been.

And there we have the crux. I've been debating elsewhere with people who insist on monitoring their fan speed, cpu temp, disk activity, network activity, memory usage, etc, etc, and who don't like Fusion drives because they want to stay "in control".

My very first computer, you had to specify the memory address that you wanted files to load into. I'm glad I don't have to do that now!

The whole point of an OS is that it takes care of all these things for me, so that I can get on with my important cat videos.

Sorry Hayne, case of mistaken Identity ;-)

LS has made me aware that ”internet” is doing lots of crap without my consent. Collecting statistics, calling home, advertising. Even if I do not manage too much with LS I am very happy about constant reminders of all these entities that are interested in my doings.
If you think that google statistics and doubleclick are innocent then yes, you are fine without SL.
SL is not made for catching malware. It is more like a door that you can choose to open or not. Makes you more aware and and hopefully responsible.

can anyone share tips on how they both use LS while not being hamstrung by the sheer number of connection requests?

If I simply Launch Firefox, I get (no exaggeration) upwards of 3 minutes' worth of connection requests, many of these seem like slight variants of each other.

one for google. one for google media. one for google something else, and on and on and on, minutes on end. Some things are like cjslka.domain wants to connect.

how am I supposed to even know what that is?

I've thought OK, I'll just keep clicking deny forever and be done with it. What a fool I was. the clicking would simply keep going rapid fire, as soon as I dismiss one request, another pops in its place.

nobody wants their privacy disrespected… nobody wants to spend their working 8 hour day micromanaging Little Snitch.

what's the sane middle ground and how do we get there?

thank you!

a

You can go into the Little Snitch Configuration application and set up the application allowances. It sounds like FireFox is getting a bit pedantic about its connections - all I've allowed for Safari is port 80 and 443, and I don't get anything unless a page tries to install a plugin or whatever. For something like a web browser, I would probably allow everything through LS and use a browser plugin to manage its connections.

Ah - the voice of reasonableness!

Why even have LS, if you just deny everything that it alerts on?
The theory is: LS is supposed to somehow help you - not hinder everything you do.
Sounds like the domain of the hyper-paranoid, and LS certainly "helps" maintain that condition.

you have a good point, DeltaMac..maybe LS is simply giving an honest picture of how many connections these applications are trying to make, of which I'd be blissfully ignorant if it weren't for LS, so the choice boils down to either have it and spend a lot of time dealing with connection requests, or not have it, but quite possibly lose whatever trace of privacy and security you might have had.

what is that about..using a browser plugin to manage its connections? is that a browser-specific "little snitch" counterpart?

a

I don't deny (or allow) everything, I just use it as an informational tool to bring to light some of the behind-the-scenes stuff that goes on. I mainly use it to shut off the constant update, sync, and analytics crap, and of course the Flash Player preferences that keep getting ignored.

Once a few rules have been set up for the routine stuff, I don't get that many notices.

Edit: Little Snitch doesn't bring up any alerts for me using Safari, so maybe there is something in FireFox that is triggering it. I also use some browser plugins for cookie, local storage, and flash player cache management, but that is separate from LS.

Red_Menace..would you mind sharing how you have this set up?

a

Little Snitch comes with settings for several applications and items such as mobile.me and iCloud, Bonjour, network time server, etc. From there, as items pop up I will permanently allow or deny as desired, so after a (short) while everything I normally use has some kind of entry. You can also go into the LS configuration to tweak things if needed.

I've never had more than 3-4 alerts pop up at any given time, and those are usually from something making an initial contact with Apple that is rolling over as the primary gets denied. After those are dealt with, I just get the occasional message when something new wants to phone home or install something. Safari is set to allow ports 80 (http) and 443 (https), so I've never seen alerts on web sites or domains.

Really, about the most activity I get is the occasional test Xcode or AppleScript application, since those aren't in the LS configuration.

Little Snitch alternative: Hands Off!
 

I've been using LS for a long time now and have recently complemented it with an interesting alternative:

Hands Off!

It does what LS does, plus it allows you to control all writing file-access for every app seperately. The downside is that you get to decide the right course of action in a lot more dialogues, as it comes with less pre-configured rules.

But that also lets you get a feeling to what extent apps phone home and write invisible files in obscure places.

Probably not something for I-just-want-it-to-work-kind of users, but very handy if you need to take a closer look.

OK I just cruised through this thread....

Acme what is the goal your trying to solve with something like little snitch?
It is not clear to me you have a use case for it?