Take Your Privacy Back - Little Snitch Review

If you care even the least bit about maintaining a semblance of privacy online then I highly suggest looking at Little Snitch and Little Snitch Mini.
The app is a must-have Mac app for monitoring network connections and blocking sites. That sounds pretty boring, but it's become one of my top apps, and I'm a musician.
The full version is the right choice if you're ready to invest the time into taking back control of your privacy. For everyone else, Mini might be more suitable.
Why?
You'd think that when you visit a website you're just visiting that one site. That is not even remotely the case.
Nearly all sites connect to at least one extra domain if not multiple, and in some cases many more. There are all kinds of reasons why - ads, tracking, functionality, fonts, and the like.
Depending on your view of data collection and profiling this might seem like a big nothing burger. But there are a number of reasons why we shouldn't be so quick to give up on our privacy.
Those reasons are personal and sometimes even political.
I first became aware of Little Snitch when I decided I had to do something about all the tracking and profile gathering that I had a sneaking suspicion was going on.
Plus, it bothered me to think that I was indirectly supporting companies that were supporting the military industry. The biggest culprit at the time, in my opinion, was Amazon's AWS, which powers the massively popular cloudfront service. Not a day goes by where I don't see cloudfront's name coming up on Little Snitch; it is incredibly pervasive.
I've since come to learn that there are other big offenders too.
We shouldn't be so ready to give up our privacy and allow companies to collect data on us by creating profiles about what we're doing. Nor should we be indirect participants in propping up corporations that are doing horrible things.
What?
Interestingly, many browsers have already made great strides in blocking, or having built-in capabilities to block 3rd party offenders. As a result, when I began using Little Snitch I was a little surprised to see that what I thought would be the most common culprits were in fact not that common.
Basic stuff
Most of what I see are relatively benign connections to script libraries. For example, without getting too technical, rather than host a particular JavaScript library which might control something like a newsletter popup or other common element locally, many sites link to an external source.
This is lazy at best because it incrementally slows down page loads. More importantly, this laziness exposes the visitor to potential tracking and exploitation if those libraries were to ever become compromised. More likely is that buried within those hundred-page privacy policies that nobody reads there is or could one day be some clause about trackers, telemetry, or worse.
The fact is that most are probably innocent. And performance is probably not an issue due to browser caching. Nonetheless, I still try to block first. Sometimes blocking these domains results in a visibly broken site experience so there's no choice but to unblock. But at the very least you can specify whether you want to allow the connection for only a certain amount of time (e.g., 10 minutes).
Not so basic stuff
Less basic are services such as Google and Adobe Fonts, search services by Google, Bing, trackers, and similar services.
It's true that these services are quite common and are becoming harder to avoid. But that doesn't mean we should just sit back and accept it. If not for our personal privacy then for what it entails down the line.
The reason that Facebook has become so massively profitable is because it has convinced website owners to install its tracking pixel. This pixel tracks what you're looking at. The profile that's then created about you is then used by advertisers to target you on a creepily granular scale.
Imagine that an advertiser can serve ads to you based not just on your age and location but also your affiliations, interests, dining preferences, and other deeply personal search queries you make on your phone at 1 AM.

We've all had that strange thing happen where we're talking to a friend about something and then a couple of hours later we're bombarded with ads on Instagram about that very thing, right? This is not science fiction.
Google does the same of course. It's mind boggling to think about the data selling and sharing that goes on.
I think it's naive to think that it isn't worse or won't get worse. We should know better by now.
How do I feel about and deal with this stuff?
The last category is the one that's surprised me the most. I'd say the first one that really stood out was when I tried to log in to my bank and Little Snitch asked if I wanted to allow a connection to some domain I'd never heard of. After a 5 second search I found out it was an analytics platform based in Israel.
I was already in the process of divesting from this bank because of their investments in the military industry. So I was upset to discover that my own complicity goes even deeper and was happening silently without my knowing.
And this is what I think is Little Snitch's greatest asset - you don't just gain control of your connections but you become educated about all of these silent network connections that you are making. It's distracting and time-consuming work but it's also deeply empowering.
It's the equivalent of finding out that the diner you've been going to for years is run by a white supremacist. You'd rather know, wouldn't you?
As news comes out about how deeply connected and invested these companies are in the military industry it becomes impossible to ignore our role in supporting them.
When we use the platforms and services of Amazon, Meta, Google, and others we are directly aiding them to train their tools, knowledge, and infrastructure. This expertise then gets sold on to some of the worst human rights offenders on the planet.
Suffice to say, I block these services permanently. This includes cloudfront, as many Google services as I can (Analytics, Tag Manager, even Fonts), all Facebook and Meta pixels, and so on.
I read an article years ago about how China was using its vast data collection and CCTV footage to not only track people but to build a sort of scoring system on each and every person based.
It's probably a bit tinfoil to say this, but I would not be surprised to find out one day that something similar is already happening outside of China - companies and governments are silently colluding to numerically identify us based on what we search for, what we say, and how that data balances with the priorities of the company and of the government under which it operates.
It sounds crazy, I know. I hope I am wildly wrong. But would you be surprised if it turned out to be true?
Anyway, I digress, we're talking about a little software app, right?
Blocklists
A blocklist is one of the most powerful features in Little Snitch. It's a publicly available list you can subscribe to via the app to block a list of domains based on specific topics.
The biggest is a list with 10k entries that block the most common ads and tracking domains. There are other lists for pop-unders, malicious sites, crypto-mining, phishing, gambling, affiliates, and so on. Wouldn't you like the peace of mind of knowing that someone is not silently using your computer to mine bitcoins?

This is an incredibly powerful and also efficient way of maintaining a safe browsing experience, and it also has the potential to add an element of political activism.
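To make the two ideas above concrete (pages pulling in extra domains, and a blocklist deciding what happens to them), here is an added example that is not part of Little Snitch or of the original review. It assumes a constructed page and a constructed blocklist with made-up `.example` hosts, treats a list entry as covering its subdomains, and counts only the page's own host and its subdomains as first-party, which is a simplification.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
# Constructed sample data: every host below is a made-up .example name.
PAGE_URL = "https://shop.example/products"
PAGE_HTML = """
<link rel="stylesheet" href="/css/site.css">
<link rel="stylesheet" href="https://fonts.cdn.example/css?family=Sans">
<script src="https://static.shop.example/app.js"></script>
<script src="https://libs.cdn.example/popup.min.js"></script>
<img src="https://pixel.tracker.example/p.gif?id=1">
<iframe src="//ads.adnet.example/frame"></iframe>
"""
BLOCKLIST = """
# constructed list: one hosts-style entry, one plain domain
0.0.0.0 tracker.example
adnet.example
"""

class ResourceHosts(HTMLParser):
    """Collect hosts of resources a browser fetches without any click."""
    FETCHING = {"script": "src", "img": "src", "iframe": "src", "link": "href"}
    def __init__(self):
        super().__init__()
        self.hosts = set()
    def handle_starttag(self, tag, attrs):
        attr = self.FETCHING.get(tag)
        url = dict(attrs).get(attr) if attr else None
        host = urlparse(url).hostname if url else None  # None for relative URLs
        if host:
            self.hosts.add(host)

def parse_blocklist(text):
    """Return the domains in a list; the domain is the last field of a line."""
    fields = (line.split("#", 1)[0].split() for line in text.splitlines())
    return {f[-1].lower() for f in fields if f}

def under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)

def audit(page_url, html, blocklist_text):
    """Map each third-party host to 'block' (on the list) or 'unlisted'."""
    site = urlparse(page_url).hostname
    parser = ResourceHosts()
    parser.feed(html)
    blocked = parse_blocklist(blocklist_text)
    return {h: "block" if any(under(h, d) for d in blocked) else "unlisted"
            for h in sorted(parser.hosts) if not under(h, site)}

if __name__ == "__main__":
    print(audit(PAGE_URL, PAGE_HTML, BLOCKLIST))
```

Static markup only shows what the page asks for up front; scripts can open further connections once they run, which is why a monitor watching actual connections will show more hosts than this does.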
How does Little Snitch work?
The interface is quite simple and can be customised to your needs. When you first begin using the app you'll go through a period of being annoyed and surprised at how many extraneous domains are loaded. You'll also quickly figure out how much you care and what's important to you. Everyone has their own comfort level.
Generally, I don't use the actual program and interface that often. Think of Little Snitch as your personal bodyguard - nobody gets in or out without your approval. It sits in the background as a middleman between my computer and the outside world.
All connections are app-specific. You can accept each domain one by one in one browser and in another you can allow all connections to go through.
Using this method I can do web development in one browser by allowing all connections, thereby ensuring that I have an accurate development experience.
When I'm not working, I switch to another browser where I have much stricter needs and control.
Once you've spent a little time with it you will get used to it.
Oops!
Sometimes you make a mistake and block something you shouldn't have. Take a few seconds to remove it via the 'Recently Used' tab.
Common apps whitelisted by default
Out of the box the most common services related to iCloud, macOS, and Apple apps are enabled by default. Little Snitch does not give itself a free pass - you will have to confirm or deny whether you want the app to check for updates.
So much more
If you have the time and interest there are also other features such as APS profile switching, various rule configuration options, DNS encryption, and you can even utilise Berkeley's packet filter monitoring if you're so inclined.
I stick to the relative basics because my knowledge about most of this stuff is just that. You really have to weigh how much time you want to invest in figuring out whether each connection is important or not.
Who?
The developers were kind enough to answer a few questions about their reasons for making the app, its potential for use as a tool for anti-capitalism, and its own use of tracking within the app.
Why did you make Little Snitch?
Back in the early 2000s, connecting to the Internet was very different. Most people used dial-up, and your computer only connected when *you* asked it to – like when you typed a website address into your browser. If your computer had started connecting to the Internet on its own, that would have seemed very strange!
Over time, computers became central to our lives. We began to trust them with personal information – writing documents, storing photos, and more. At the same time, Internet connections became more permanent. As a consequence, any program could connect to the Internet and send or receive data without your direct instruction or notice. We found this concerning.
Many programs started making these connections silently, without letting you know *what* they were sending, *why*, or even *that* it was happening. That’s what sparked the idea for Little Snitch – giving users control and visibility over these connections.
What do you think about its use as a tool of capitalist resistance?
I wouldn’t overstate Little Snitch’s impact on surveillance capitalism, but it definitely helps reduce the amount of data sent to large tech companies. It’s a way for users to reclaim some control over their data.
Has Little Snitch been independently audited?
Not yet. There was some demand for an audit a couple of years ago when we used a kernel extension for filtering. However, now we’re limited to using Apple’s Network Extension framework. This means Apple maintains the core security code.
Does Little Snitch record individual activity or otherwise run any kind of telemetry?
Little Snitch doesn’t send any telemetry data. The only exceptions are requests to check for new software updates and to update the database that maps IP addresses to geographic locations.
However, Little Snitch *does* store a lot of data locally. Network Monitor shows a complete history of all app connections over the past year. This data remains encrypted on your local hard drive, and the password is stored securely in the macOS keychain.
Little Snitch doesn’t make any exceptions for its own connections either. You have to explicitly allow the software update and the geo database update with a rule, just like any other connection.
Other Thoughts
The developers have to balance their own needs for making a profitable app and also not getting bogged down in a myriad of user requests. It's also true that my or your use of the app is probably not entirely aligned with the company's intentions for making the app. With that said, it's hard not to have some wishes when you become particularly invested in something.
The following are some selfish and probably not entirely realistic wishes. Their omissions are not faults so much as an indication of my personal usage and different priorities.
For Grandma Too!
I wish that there was a more accessible version of the app in the sense of affordability and interface. They've clearly tried to do that, and done a beautiful job of it, with Little Snitch Mini, a separate app that has pared down functionality.
Mini is more approachable for those who aren't as interested or invested in controlling their digital footprint.

The interface is very clean and simple for getting a top level view of apps that are making active connections. You can also see precisely what domain is being connected to. There's even a map view if you want a quick reminder of how many of your apps are silently connecting in the background.

I particularly appreciate the inclusion of the company's other effort, IAP, or Internet Access Policy within Mini.
Internet Access Policy (IAP) is a document that allows software vendors to declare and describe the Internet usage of their programs.

I hope that more companies get on board with IAP.
Mini can be used to monitor traffic for free. If you want to block traffic you have to subscribe on a monthly or yearly basis. The price is decent, though I wish you could buy it outright as a one-off purchase.
Personally, I run both Little Snitch and Little Snitch Mini (without a subscription) at the same time. Mini helps me see what's going on in the background very quickly. And if I see something suspect (what the heck is Apple Podcasts connecting to - I don't use Apple Podcasts?) then I can hop into Little Snitch to block it.
Overall
In all honesty, I'm annoyed that Little Snitch has to exist. Privacy should be something that our governments safeguard.
To me, Little Snitch's greatest strength is that it empowers me to be more aware, educated, and in control of my involvement in a political context. It is our responsibility to be engaged at this level. Tuning out doesn't afford us the right to plead innocence. We are all active participants whether we choose to see it or accept it.
Even though Little Snitch may not be intended for political activism or fighting back against surveillance capitalism, there's no reason why it can't be used for both.
Little Snitch is absolutely essential to me, and I feel exposed without it, such as when I'm on my phone. The awareness and education it has afforded me is difficult to overstate. It's my genuine hope that more people give it, or at least the Mini version, a look.