To force back the tears of genetic injustice, I check out Mac and iPhone apps for fun and frolic. One that caught my attention long ago answered this question.
Just how secure is your Mac? It must be more secure than we think because Apple doesn’t even bother to turn on the firewall in macOS Sierra. The default setting is off. I’m not the geekiest Mac user on planet earth but I know what a firewall is and what it does because N.C.I.S. A firewall may protect your Mac from hackers and malware bots trying to sneak into your Mac, but what about apps and malware already on your Mac? You’d be surprised to know how many Mac apps phone home and send data from your Mac. How can you find out? There’s one easy way.
Little Snitch could easily be billed as a reverse firewall. It protects data on your Mac from being sent from your Mac, and lets you know who is doing the sending (phone home in geek parlance).
How does it do that? Little Snitch closes all outgoing network communication from your Mac. Then, one by one, it allows appropriate and acceptable apps to connect to the internet through your local network. That includes Mail, Safari, Calendar and Contacts, and other obviously legitimate apps which you need to check for updates, connect to iCloud, and so on.
Once installed, Little Snitch monitors your Mac’s network connection. Any app that wants to use the network is stopped until you give it the OK.
What’s impressive about Little Snitch isn’t the protection it offers. You get what you expect. An outbound traffic guardian that stops apps dead cold from phoning home. What’s really impressive is how many apps on a Mac are trying to connect to your network or the internet. That’s the phone home part.
To keep you apprised of network connections, Little Snitch has a Network Monitor which works in real time so you can see what’s going on with apps that connect to the network, how much bandwidth is used at the time, which apps have been denied access, with options to zoom down from the last hour to one minute.
There’s plenty more going on behind the scenes. Little Snitch can be setup as an incoming network firewall to block connections from the internet so you get something of a front-end firewall, too.
Initial setup and operation is sufficiently easy that Mac newbies can install and use Little Snitch but geekier Mac users will appreciate rule options, ruleset analysis, domain-based rules, and the simplified alerts.
If I had to choose only one app to manage both incoming and outgoing network connections to help lock down my Mac from both intruders and malware already on the Mac, it would be Little Snitch. That said, all those pop up alerts after initial install can be annoying, and there are many. Setting up and managing rules is not an effort for the faint of heart. It’s complex. But in the end you get your Mac geek on and can sleep better at night knowing that those trying to get into your Mac have as much trouble as apps on your Mac have phoning home.