Flashback malware and Little Snitch

Posted on by Mike Evans

According to Macworld, sales of security software for Macs have jumped following last week’s Flashback malware scare. Although I have used the free VirusBarrier Express, available in the AppStore, for regular scanning of my computers, I haven’t felt the need for a full-blown monitoring program. One of the refreshing things about switching from Windows to OS X is the immediate freedom from the nosiness of Norton and its ilk. Still, the Flashback episode makes you think.

I did notice that in the initial report of Flashback there was a reference to Little Snitch. Apparently, if Flashback finds Little Snitch it goes off and seeks greener pastures. I’d read good reviews of Little Snitch so I decided to invest in a family pack at a cost of €59, plus VAT.

Little Snitch monitors network activity and asks your permission for all connections. Initially there is a stack of requests from all the usual suspects, including Dropbox, Apple and all your on-line services. You can choose to deny, allow temporarily or allow forever in all cases. The system learns and, after a few days, there are fewer and fewer requests. This is all very sensible, as long as you keep your wits about you and pay attention to requests instead of automatically accepting. Wherever I have had the slightest doubt I’ve allowed temporary access.

What I have found disturbing is the number of access requests that come when accessing some popular technology sites. Google Analytics is an obvious and is not a problem. However, on one site I noted no fewer than six specific site requests, including Crowdsourcing. I’m not quite sure what this is and I’m not much wiser after reading the Wikipedia entry, but I assume it is all to do with monitoring what I’m up to. I’ve discovered I can deny most of these requests while still being able to view sites. For this alone, Little Snitch is proving its worth.

∞ Permalink