Once you are connected to the Internet, various apps on your mac start sending data wherever they want. They call out, so to speak. They usually do this for your benefit. But sometimes, as in the case of tracking software, trojans or other malware, they don’t. This is a review for Little Snitch.
Apple and Microsoft also collect hundreds of user data when we use macOS and Windows operating systems. But you don’t notice any of it, because it all happens invisibly under the hood.
A good conversation
Your Mac doesn’t just call out with bad intentions. Indeed, most of it is good and necessary. Your Mac regularly checks the App Store to see if your apps and operating system are up to date. You also stream music and movies through Apple Music, Netflix, Spotify and Disney. You send and receive e-mail, messages and files, all as part of your normal work and leisure, and that requires connections to the Internet.
But every Web page you connect to also talks to ad servers, and every program you open can also send information about you, your Mac and about the program itself back to the company that made it. Little Snitch records all this information and lets you look at it, see what the communication is about, and choose when you want to allow your Mac to make that connection in the future.
Mac's default firewall
A Mac has a built-in firewall that you can enable and use to block unauthorized incoming network connections. So why buy a separate program when you already have something built in? Simple: Little Snitch does more than just block or allow incoming network connections. It gives you detailed information about
your network communications, whether they enter your Mac from outside or are sent from your Mac to anywhere on the Internet.
How does Little Snitch work?
Little snitch has several modes.
By default, Little Snitch uses Silent Mode – Allow Connections, which behaves much like Apple’s built-in firewall, that is, it assumes that any application on your Mac that is properly signed may send and receive data at will. Each connection is also tracked, while all network traffic is free to go in and out of your Mac, so you can review those connections and decide whether or not to make that connection in the future. This mode is the best choice for most users.
Alert mode asks you to make a choice every time a program tries to connect to the Internet. Once you’ve made a choice, Little Snitch remembers your choices and allows or disallows that connection in the future. In the beginning, if you are just starting to use Little Snitch, this can feel more like the annoying mode because you have to approve or reject every network connection attempt. I used Little Snitch that way in the beginning. This is tiring for a while because you have to keep specifying whether an app can call out, but it does give you the best picture of how data-hungry some apps are.
Silent Mode-Deny Connections is designed for situations where you want to set up specific rules about which connections you want to allow. Any connections for which you have not made an explicit rule will be rejected without seeking your approval.
Once Little Snitch runs
A small menu item appears at the top of your screen and shows a small meter setting so you know when your Mac is sending and receiving network traffic. Click on that menu and you’ll see options to change the modes and items for Little Snitch’s Network Monitor, Rules and Preferences.
Open Network Monitor and a new window will open with a world map centered on your current location with arcs of network traffic traveling from your Mac to various locations around the world. A sidebar displays a list of programs that send and receive traffic. When you select one of these programs, the map shows where the traffic is going. Another sidebar on the right shows a Connection Inspector that you use to view general and detailed information about data being sent with specific information about the selected program and why it may be sending or receiving information.
The depths with Little Snitch
Little Snitch offers information about a connection in a couple of ways. Sometimes a popup appears with details about the app or service, if any. In version 4, Objective Development now lets other developers create bundles of information that Little Snitch can import, bringing more details directly from the source.
You can also click on the [i] button with your mouse. This reveals highly technical details such as the IP address of the connection and whether the app or service in question has a code signature, meaning it was released by someone or an organization enrolled in Apple’s developer program.
If you see a connection you don’t know what it is about and there is no information in Little Snitch, this is a likely connection to block, and then find out if your machine is infected.
Little Snitch also allows you to determine that a program can only call out for one time. For example, when you install a program. The default setting is Forever, but so you can also choose Once or Quit. You can also give a program permission to communicate for a certain amount of time.
A useful setting, not found in the default Deny/Allow popup, is Ask for Connection. There may be certain apps or domains that you do not want to allow continuous or uncontrolled access to, but want to approve every time.
In the past, Little Snitch was also used to run illegal copies such as Adobe Photoshop, for example. Indeed, Adobe was constantly calling out to check if you were an “honest” user. Now that is no longer necessary because Adobe now works in the cloud.
Personally, I think 45 euros for software that has so much impact on my privacy is a good investment. But should you still not want to pay for Little Snitch, there is a free alternative available: LuLu from Objective Sea. This is open source software from a trusted developer. LuLu obviously does not have all the fancy gadgets and user interface like Little Snitch, but it is a good alternative. See also our page on antivirus and security software.
Little Snitch by Objective development is highly recommended if you want more control over your Mac. It significantly increases your privacy and security. For 45 euros a bargain. And no, I have no shares nor am I paid for my reviews. I am an avid user.