The ultimate question

General discussions about Little Snitch
Post Reply
Katan

The ultimate question

Post by Katan » Sun Sep 23, 2007 12:38 pm

How can we know that LS is not the ultimate trojan. The first thing it does if I want to install it is ask me my password ! Why should I trust this company ? If ever there was an application that has to be open source this is the one. Reactions please.

Guest

Post by Guest » Wed Sep 26, 2007 8:19 pm

Agreed. There is another thread about the same thing. Somebody recommended WaterRoof. I am looking into it. Not sure it blocks outgoing like LittleSnitch, though. Just a GUI for the built-in firewall.

Someone should start an open source project already. This is a very important thing. On Windows PC, ZoneAlarm blocks outgoing "phone home".
We need more options on the Mac.

(clamXAV is a free virus protection program that uses OpenSource virus definitions that are updated daily. Very transparent and trustworthy. We need that for our privacy/firewall protection as well.)

Is the code to Little Snitch OPEN? If so, can somebody please verify that there is no funny business?
If it is not Open Source Code, Perhaps the author of Little Snitch would open it for us? We would all sleep better.

Sorry if I sound paranoid. If I wasn't, then why would I even bother with a program like Little Snitch? How do we stop Little Snitch from "phoning home"?
Now that I posted this, ObDev has my IP and MAC address. hmmm.

Guest

Post by Guest » Wed Sep 26, 2007 11:06 pm

Hi Paranoids,

how do you know that your mother is actually your mother? :?

I'm pretty sure that ObDev earns its money by writing decent software for the Mac They seem to be a small company that can only survive by writing good software and being honest with their customers. If you look at their licensing terms, the way they demo their software, how they document bugs, support their customers in this forum, etc. you'll either come to the conclusion that they earn their money by writing software and not by spying on their custorems or you are really being paranoid. :roll:
Open sourcing Little Snitch would deprive them of one of their revenue streams, so it sounds stupid asking for that.

My 2 Euro cents
Chris

pbGuy
Posts: 4
Joined: Sun Sep 02, 2007 7:27 pm

Internet Paranoia

Post by pbGuy » Thu Sep 27, 2007 12:45 am

I think the initial Post's question is a fair one, and I also think the 2 prior Replies make some valid points. :)

Someone from Objective Development should provide a reply here. If nothing else, such a reply might lower some, paranoid anxiousness about Little Snitch. :wink:

After all and given the nature of Little Snitch, there is certain trust being applied when installing and using this software. 8)

norbert
Objective Development
Objective Development
Posts: 648
Joined: Thu Nov 09, 2006 6:30 pm

Post by norbert » Thu Sep 27, 2007 11:03 am

How can we know that LS is not the ultimate trojan.
...
How do we stop Little Snitch from "phoning home"?

Little Snitch does not phone home. But I'm an obdev guy, so why should you trust my statement?

Mac OS X has some built in tools that let you monitor any incoming and outgoing network traffic (e.g. tcpdump or fs_usage). You may use these tools to check yourself whether you can trust Little Snitch or not.

Furthermore, Little Snitch is widely used. If it did some inadequate things, people would have already found out by using network sniffing tools such as those mentioned above. And why should we do such nasty things at all? We would just lose our reputation and ruin our own business.
The first thing it does if I want to install it is ask me my password!

It's necessary to install Little Snitch at the system's kernel level, otherwise it wouldn't be possible for Little Snitch to intercept network traffic and to prevent unwanted outgoing communication. And kernel level installations do require administrative privileges.
Why should I trust this company ?

You don't have to. But then you'll have to trust all other companies whose software is running on your computer...
Now that I posted this, ObDev has my IP and MAC address. hmmm.

Run Little Snitch for a while and you will be surprised how many other companies already have your IP address as their applications did phone home in the past without your knowledge...

reinard

Can we trust this company?

Post by reinard » Thu Sep 27, 2007 2:44 pm

norbert wrote:
How can we know that LS is not the ultimate trojan.
...
How do we stop Little Snitch from "phoning home"?

Little Snitch does not phone home. But I'm an obdev guy, so why should you trust my statement?


He ist right I think. If you do not trust them you have to trust blind all the rest. I use LS for a long time. And I am sleeping better WITH it. Specially with this new monitor

Guest

Post by Guest » Thu Sep 27, 2007 9:12 pm

To Norbert:

Thank you for joining this thread.

"Little Snitch does not phone home. But I'm an obdev guy, so why should you trust my statement?"

Actually, hearing it from you does help.
Thanks for listening to our concerns and responding.

Post Reply