Review: Little Snitch 1.0.3
Developer: Objective Development
Requirements: Mac OS X 10.2
Trial: Fully-featured (quits after three hours)
It’s become increasingly common for programs to “check in” with their developer when you start them up, whether to look for available upgrades, prevent piracy, or permit companies to track your actions. While in some cases this sort of behavior may be desirable, it concerns me that the default is generally to permit such connections without asking the user first, and frequently companies fail to disclose just what information they suck from your computer.
Enter Little Snitch, a simple preference pane program that blows the whistle on programs attempting to access the network. If a program tries to access the Net, a dialog box appears telling you the program’s name and the URL and port it is attempting to open a connection with. (Unfortunately, Little Snitch can’t tell you what data the program wants to transmit.) You then have the option to allow or refuse the connection, or to create a rule to govern future attempts.
Little Snitch comes with a default set of rules, allowing local connections by any program, permitting Internet Explorer to surf the Web, and such. (I don’t use Internet Explorer, thus the error message in the picture above.) It’s a simple matter to add a rule for a program that’s not part of Little Snitch’s defaults, either from the preference pane or by creating a rule the first time that program attempts to access the Net.
The window above shows the only connection attempt Little Snitch caught that caused some concern: mostly, it’s caught things like BBEdit and Acrobat Reader trying to look for updates. But I’d never heard of slpd or the URL it was attempting to contact. A complete search of my computer turned up no matches of a program by that name, heightening my concern. A search on Google turned up this excellent site which lists and explains a number of background processes that run in OS X, including slpd.
See, for me, part of the draw of a program like Little Snitch is that OS X sometimes leaves me feeling like I’m not really in control of my computer: it’s off doing things that I don’t understand and may not even be aware of. Little Snitch lets me feel a little bit more in control: if data is going to leave my computer through some unusual channel, I’d like to know about it. In turn, I can become a more informed computer user.
The only real drawback of Little Snitch is its inability to identify connections made by programs running in the Classic environment. It can either permit or deny all connections from all programs running in Classic; limitation by application, URL, or port is not possible. Frankly, I consider this a minor issue since testing Little Snitch’s Classic compatability marks the first time I’ve fired up the Classic environment in many months. Still, it’s a shortcoming you might want to be aware of if you use Classic.
Curiously, Little Snitch does a bit better with VirtualPC. While it cannot recognize which program within VirtualPC is attempting to make a connection, it can tell you the URL and port being contacted, affording you a greater level of control than you have under Classic. It’s still not perfect, though: if you want to allow IE for Windows to connect to port 80, for example, you have to allow all Windows programs that VPC might run to connect to that port.
Little Snitch is a simple program that does an admirable job keeping you informed of outgoing network connection attempts you may not have knowingly or deliberately initiated. Its interface is clean and straightforward, and rules can be easily created to prevent Little Snitch from becoming a Little Pest. If you’d like to feel a bit more secure and in control of your Mac, Little Snitch is well worth a look.