You are not logged in.
Pages: 1
I want to clarify my past comment about LittleSnitch being a 'pain in the ass".
LittleSnitch is only a pain in the beginning -- until you 'train' it on what to allow and what to block.
As LittleSnitch builds-up its rule set it becomes less and less intrusive until it only alerts on "new"
outbound connect attempts.
At this point I will not use a Macintosh without LittleSnitch installed and I encourage all Mac users to
install it.
I do not want my previous comment to give anyone the impression that LittleSnitch is not a great
application. Its use is vital to see exactly what information is flowing out. But in the beginning, it
alerts a lot, which only illustrates how many browsers and websites are trying to take user information
in the background, without any notification.
Jeff, great idea using the screen shot! Damn, which I had thought of that -- before I did all that typing.
Yup, LittleSnitch is a real eye-opener. Everyone runs a firewall to block the bad guys from getting in but
never thinks to check to see what's going outbound.
Every popular website has a myriad of attempts to dump data from the visitor's browser. Most people
don't realize how much data flows out since their not monitoring their outbound data.
Chrome (which includes epic for now) is the frackin' worst since it constantly tries to connect back to Google.
If you block one outbound connection attempt it just tries another path a few minutes later. Chrome never
gives up until every single outbound path it knows is blocked -- and its invisible to most users
Sure, but there is really nothing to recreate:
1. You need an Apple Macintosh with "Little Snitch" installed:
'http://www.obdev.at/products/littlesnitch/'
I think they offer a limited time free trial. Its cheap enough, so I just purchased it.
It tracks and optionally blocks outbound network traffic. Note the 'outbound'. It is NOT a firewall.
I suggest checking that once installed LittleSnitch is set to "factory defaults" to get started.
2. Install epic bowser and fire it up. LittleSnitch will soon become a "pain in the ass" as it blocks and pops up
an alert on every outbound network connecton -- until you train it as to what to allow and what to block.
For example, using epic to just browse to this website to check this forum resulted in the following "epic wants to connect" alerts
that relate to google:
1. ssl.gstatic.com on TCP port 443 (https)
2. ssl.google.com on TCP port 443 (https)
3. safebrowsing.google.com on TCP port 443 (https)
4. alt1.safebrowsing,google.com on TCP port 443 (https)
5. sb1.google.com on TCP port 443 (https)
6. clients2.google.com on TCP port 80 (http)
<time spent typing this reply>
7. clients1.google2.com on TCP port 443 (https)
Some of these alerts are probably redundant, since I denied all these requests to connect. Note that these are only the connection
attempts that relate to google -- the other outbound connections, of which there were many, were allowed (for now).
is this traffic innocuous? I don't know. Thats the problem. I personally don't feel like running "Wireshark' to check every packet
of network traffic going out.
To be fair Chrome results in the same outbound traffic, so this is not a epic problem. But I think it does illustrate how much
information Google tries to capture from our web browsing.
Since I have "Little Snitch" installed on my Mac I can see every outbound communication attempt.
After using epic for a few hours it appears that epic tries to connect back to Google as much as Chrome does.
I'm curious as to why that's the case.
I've configured Little Snitch" to selectively block Chrome's constant chatter back to Google. If I have to do the
the same thing with epic I see no reason to use it.
Does epic run in "incognito mode"? I see no indication of whether incognito is on or off.
Pages: 1