I discovered Little Snitch when I was on a quest to reduce online tracking.
To set up Little Snitch it took two weeks of:
- Just a whole lot of searching online. For that In the first week I used another browser that I hadn't locked down as much as I had locked down Chrome, which was my main goal.
- trial and error. When still in doubt after the googling, make it a temporary rule first. In the worst case scenario you just restart your computer. but I personally didn't run into any problems. If I had blocked too much, I could always just unblock it.
- Knowledge of some nerdy things is useful, I'll admit. What a port is and what some common harmless ones are (25,80,443). The difference between TCP and UDP (TCP is most used, UDP is for streaming), and how what apps should be logicaly be allowed to connect to the local network (netbios for example), but have no logical reason to talk to the wider internet.
See it as a journey of discovery into the jungle that is your laptop's inner working.
I split my thinking into two domains:
- When it comes to all the (background) applications on my computer, I'm quite forgiving. Googling a lot helped me learn what all the applications were and what they did. Something tried to connect to "pancake.apple.com" for example, made me laugh. I totally blocked the GEOD app, which tries to determine your location. I don't use of want that, so I blocked it.
- I am most fascinated by seeing all the things websites try to connect to. I now user Chrome for most browsing, and Firefox for logging into social media like Linked-In, Facebook and the like, which I do rarely. This allowed me to block anything related to Facebook/Linked-in/Twitter on my normal browser.
In order to not go crazy with requests from my browser, I also did some other things to block outgoing requests:
- I installed browserplugins uBlock and uMatrix. uBlock filers knows offenders. And uMatrix is like HandsOff, but only for inside your browser. I also still have ScriptSafe and Privacy Badger installed, although they overlap a little now in functionality. The fun thing is that a tool like HandsOff really shows you that these browser plugins are doing their work.
- I also modified my 'hosts file'. It's like an oldschool superbasic way of blocking out going connections, and exactly the thing that things like Little Snitch and HandsOff turn up to 11. You can find lists of dubious websites online (someonewhocares.org/hosts), and by copy-pasting that into your hosts file, you block them at the root. It's yet another layer of blocking.
OTHER WAYS TO REDUCE TRACKING
I also did some other things to reduce tracking (by Google specifically)
- I switched to using Qwant as my search engine. It's awesome!
- I have a Synology NAS at home, and started using that as my calendar and contacts server instead of Google. The DavDroid app syncs that with my phone when I am connected to the home wifi. Calendar and Addressbook on my mac were even easier to set up.
- I didn't use Pi-Hole, but it's an interesting way to block advertising for your entire network in one swoop.
To reduce tracking in the real world:
- The WifiToggle app turns off my Wifi when I leave the house (and back on again when I return), based on the GSM signals it detects.
Because I work in the field of privacy this has been relevant research. it might be overkill for you
In any case, my experiment to reduce my depence on Google has been surprisingly painless.
I did switch to HandsOff instead of Little Snitch though. I didn't want to, Little Snitch has a more polished user interface. But it didn't seem to offer me the ability to block based on DSN resolving, which I needed to have more finegrained control towards Google's services.