OCAU, I would just like to introduce and write an unbiased user review of a piece of software I heard about recently on OCAU. That software is Little Snitch. At the time of writing, it is in version 3.5 and is fully compatible with OSX Yosemite 10.10.1. Here is the manufacturer address for more information: http://www.obdev.at/products/littlesnitch/index.html Little Snitch is a lightweight, robust and thorough application that runs on OSX protecting your Mac from unauthorised connections. It is fundamentally a robust firewall, and a highly configurable one which enables a user to make a wide variety of rules through a simple user interface that offers powerful features. 0. Purchasing Although it is a great piece of software, Little Snitch does come at a hefty price of 30 Euros. Personally, I would have liked to see a lower price, but it is really up to the user to value their privacy. For 30 Euros, it was really a no-brainer, I would buy this software in a heartbeat. 1. Installation The installation of Little Snitch is very simple and just involves one installer. It does require Administrative permissions so please bear that in mind before installing. After the install is done, Little Snitch requires a reboot. So save all your work before you get started! 2. Interface The interface of Little Snitch is quite simple, easy to understand and intuitive. Network Monitor: http://i.imgur.com/wCO358P.png The layout of the network monitor easy to understand and provides a lot of information in a small window. On the first column, process names are shown correlating to the servers accessed as well as a activity indicator (two anti-parallel arrows). The arrow pointing down indicates the download activity, where as the arrow pointing up indicates upload activity. If any process attempts a blocked connection, the text will be highlighted in red, such as in the case of 'netbiosd'. On the bottom half of the screen, this is a graph showing the cumulative network activity. If a mouse is hovered over the graph, three indicators show up, one being the 'x min y secs ago', and the other two showing the speed of the connections. Alternatively, markers such as "Safari launched" are also shown. The slide bar down the bottom changes the scale of the graph should you wish to zoom in or out, and the settings cog allows you to specify exactly what the scale of the graph is. Top Left Icons, starting from the left: 1. Allows the user to sort processes by activity, name, or server connections 2. Show/Hides the network activity chart 3. Cumulative network information Here, the top left icons could be better designed, the first icon could instead be a filter funnel shape or something that is more intuitive. Furthermore, the second button could also be more intuitive with perhaps half the box greyed out or a line graph icon to indicate that it is showing or hiding the network activity chart instead of just a simple blackbox. Information in Network Activity Monitor: http://i.imgur.com/KEXiRpl.png Once clicked, this window appears showing the finer details of each process. Although the other information in this window is useful, this window is the most disappointing in the entire program as the exact specifics of the address the server connected to is not displayed, only '2 Servers'. Perhaps the developer could at least provide us an IP address or domain of those servers and additionally, if a file is downloaded, it could also possibly display the direct download link of the file. Attempted Unauthorised Connection: http://i.imgur.com/3nMjbbD.png Once installed, many of these windows will start popping up. I agree that they may first seem annoying and there appears to be no end to the amount of windows popping up, however, once set up, it provides you with a secure firewall which also assists in blocking incoming connections as well as outgoing connections. These popups will also open your eyes to the amount of connections apps are 'phoning home' to. The popup is self-explanatory, simply choose the period that the connection is allowed or denied, the type of connections you would like to allow or block (e.g. Mail will require IMAP ports), and hit Allow or Block. The option to block by domain or sub-domain is also available. It may seem daunting at first about the number of options you have to choose from, but you will quickly adjust in a matter of hours like I have. If you make a mistake, don't panic, the Rules page in the application will allow you to correct any connection you might have accidentally approved or denied. Rules: http://i.imgur.com/r5vYgNV.png The rules page is an extension of or rather a database format of all the popups rules you have selected. The page is self-explanatory and any edits can made by double clicking on the rules. The search box feature is also extremely handy for looking up any rules quickly and easily. Furthermore, new rules can be added with the same level of complexity compared to the popups so an unauthorised connection doesn't need to be made in order for a rule to be set. This is the most impressive aspect of the application. The ability of developers to convey so much information in a simple to use GUI and make it intuitive and easily accessible for users to change and manipulate is frankly outstanding. http://i.imgur.com/QJkl8uw.png This is how Little Snitch lives in the menubar. Any activity will show up and their connection speed numbered. It is also a great way to monitor your download speed in a download manager without having its window open. 3. Silent Mode If you are especially bugged about the number and frequency of popups that come up when you initially install the program and frankly do not have the time to set it up by individually reviewing each unauthorised connection, you can simply choose silent mode to allow or block all connections. Little Snitch will then log all of these connections and it can be reviewed at a later stage, saving you time whilst also keeping track of which apps made connections. 4. Automatic Profile Switching Profiles can also be made depending on your Wi-Fi network. Little Snitch is able to independently set rules for different wifi networks. This will come in most handy when you don't want programs such as uTorrent to be left running whilst you are connected to your university or work wi-fi to save yourself from some hefty fines. Conclusion The developers have clearly done a great job at portraying the most amount of information in the easiest format to comprehend. The layout of information and features in a easy to use format provides users with an extra sense of security using their Mac on a day to day basis. For the price of 30 Euros, I hoped this piece of software was able to tell me which servers which apps were connecting to, however, as it is marketed as a program that protects your privacy and not something to analyse your network traffic, Little Snitch's Developers are not at fault. Overall, I would highly recommend this program to anyone who is security conscious. This program is obviously not designed for your grandma as anyone who is not technically inclined will heavily be confused at the technical jargon that comes up almost on a daily basis. However, to those that care and is concerned about their security, Little Snitch is an excellent, easy to use package that is full of features which makes your Mac just that little bit more secure. For its purpose, its target audience, the UI and the features, Little Snitch is an excellent program which offers the best utility in its category (and I have tried Hands Off) and does indeed protect your privacy.