• Skip to content
  • Skip to primary sidebar
  • Skip to footer

Foliovision

Making the web work for you

Main navigation

  • Weblog
    • FV Player
    • WordPress
    • Video of the Week
    • Case Studies
    • Business
  • About
    • Testimonials
    • Meet the Team
    • We Support
    • Careers
    • Contact
    • Pricing
  • Products
  • Support
    • FV Player Docs
    • Pro Support
  • Login
  • Basket is empty
Affordable VAST/VPAID for Wordpress has arrived. Serve ads with your videos starting today!

Little Snitch shortcoming: Badly needs wildcards

13 January 2010 / Alec Kinnear / 4 Comments

In this day and age, running a computer without some kind of an outgoing firewall is like driving your car with your eyes closed.

There are so many malfeasors – from phishers to corporate spies – trying to track you and place you and grab you every time you check your email or you browse the web, that everyone needs a firewall.

You can test this on OS X by installing Little Snitch and scrolling through your messages. A few of the outgoing calls are for innocent images, mainly they are for tracking tags and tracking images.

Little Snitch Edgesuite
Little Snitch – a few of the Edgesuite calls on one week fresh install!

Little Snitch is free for 3 hour periods at a time so it can be installed to test and find out what domains you’d like to be blocking.

For long term blocking of nasty sites OS X, your solutions are threefold:

  1. buy an outgoing firewall, i.e. Little Snitch. A bit pricey at $30 a license but it’s Little Snitch or go hungry
  2. configure your hosts file to block most of the major offenders (people do keep lists)
  3. use GlimmerBlocker control panel to block the baddies via internal proxy (works on all browsers)

Of the three, GlimmerBlocker was the best and the simplest. Until after a year and a half GlimmerBlocker decided to seize up and prevent me from editing WordPress sites. Apparently it’s database got full or something. I lost eight hours trying to troubleshoot this mystery when I desperately needed to work so GlimmerBlocker is banned now. A pity as GlimmerBlocker is free.

A hosts file is also great. By adding bad sites to the hosts file and redirecting them to localhost (127.0.0.1) you stop them dead in their tracks.

One of the more complete lists of domains to block via hosts is kept online here: http://www.mvps.org/winhelp2002/hosts.txt

To edit your hosts file on OS X, the quickest way is to use Terminal to give TextEdit root access to the hosts file.

  1. Open a terminal window and type the following: sudo /Applications/TextEdit.app/Contents/MacOS/TextEdit /etc/hosts
  2. Hit return and enter your admin password when prompted and again hit return.
  3. Your Hosts file should automatically open in TextEdit.
  4. Copy the hosts from http://www.mvps.org/winhelp2002/hosts.txt or ssomewhere else (mvps wastes a lot of space on the x-rated zone for those of us not into: alternative suggestions to mvps welcome)
  5. Paste it into your text hosts file.
  6. Save.
  7. Test that hosts is working by browsing to one of the domains listed in mvps.
  8. Continue to edit and save at your leisure (at each save the hosts file is updated and live: well done Apple).

Unfortunately both LittleSnitch and the hosts file suffer from the same fatal flaw. They don’t allow wildcards. So for instance, one of the worst bits of spyware around is Infusionsoft. Every time you get an email from a subscriber of infusionsoft they want to know if you opened it. Therefore every image is specific to you. But each user has his or her own subdomain, i.e. empowered.infusionsoft.com.

If you block infusionsoft.com in hosts with 127.0.0.1 infusionsoft.com, you will only block the homepage. You would have to block 127.0.0.1 empowered.infusionsoft.com for each and every Infusionsoft subscriber who sends you email.

Little Snitch automates this process and allows you to make the block application specific. I use Apple Mail exclusively as my email client (looks great, full feature set and very fast, btw) so Little Snitch and I pick off these offenders one by one.

What I really want though are wildcards in Little Snitch so that I can ban all infusionsoft.com subdomains with a single *.infusionsoft.com within Apple Mail. The same applies for edgesuite.net within Apple Mail (Edgesuite is for corporate email spies like Apple and eBay, Infusionsoft is for slippery marketers like Rich Schefren and friends like Mike Filsaime).

When is the Objective Development team going to get off their backsides and improve Little Snitch by adding wildcards? There is a three page thread in their forum which goes back to 2004 asking for subdomain blocking in Little Snitch. What’s particularly galling is that ObDev have not even bothered to answer our concerns.

Until Objective Development add a subdomains/wild card feature to Little Snitch, you may want to hold off on the purchase. Managing outgoing requests one subdomain at a time is very tedious work.

In the meantime, if you’d like to block certain domains or you have doubts about a certain piece of software, there is a free solution. You can turn Little Snitch on for three hours while you deal with spam email or install new software, take note of the domains you’d like to block and then add those domains to your hosts file.

Alec Kinnear

Alec Kinnear

Alec has been helping businesses succeed online since 2000. Alec is an SEM expert with a background in advertising, as a former Head of Television for Grey Moscow and Senior Television Producer for Bates, Saatchi and Saatchi Russia.

Categories: IT

Related Posts

  1. Apple Mail: How to avoid being tracked yet still see images

    Apple Mail: How to avoid being tracked yet still see images

  2. Apple Mail: Getting rid of multiple draft messages in IMAP

    Apple Mail: Getting rid of multiple draft messages in IMAP

  3. Apple Mail: Fixing Broken IMAP accounts after a server move

    Apple Mail: Fixing Broken IMAP accounts after a server move

Reader Interactions

Comments

  1. Roland Hjerppe 14 January 2010 at 5:09 am

    An alternative to mvps can be found at someonewhocares.org/hosts/ – I have not compared their lists.

    Reply
  2. Chaisi 10 November 2010 at 7:49 pm

    Hi…

    Just thought I would post my findings and this may help a few to understand… Little Snitch and the wild card thing!!!

    I added a simple rule… Deny All Applications from connecting to DOMAIN “adobe.com”… I used Adobe because they have a large network, ideal for demonstrating this feature… ;-)

    All of the IP addresses followed by “via DOMAIN adobe.com” in the list below, were retrieved by Little Snitch on creating the rule DOMAIN “adobe.com”… You can get the IP addresses retrived by clicking the info symbol in the top right of the Little Snitch window…

    I then added a bunch of deny by HOST rules for sub domains of adobe.com… All of the lines / IP adresses that do not have “via DOMAIN adobe.com” are from these rules…

    I have combined all the returned IP addresses from the DOMAIN adobe.com rule and sub rules together as a list – see below.

    As you can see from the list I needn’t have added all of the rules for subdomains of “adobe.com” because it seems Little Snitch had that covered when I hadded “adobe.com” as a domain rule…

    Note: I did a few tests tweaking subdomains IP addresses via the hosts file and it seems like Little Snitch keeps it self up to date with DNS changes to domains…

    Little Snitch keeps me happy and is perfect at what it does, Snitching on your apps when they want to talk to the world… It puts you in control which is how it should be, it’s your computer and network connection after all…

    The list

    66.235.132.154 via DOMAIN adobe.com 66.235.132.156 via DOMAIN adobe.com 66.235.132.158 via DOMAIN adobe.com 66.235.132.233 via DOMAIN adobe.com 66.235.133.24 via DOMAIN adobe.com 66.235.133.44 via DOMAIN adobe.com 66.235.133.46 via DOMAIN adobe.com 66.235.133.48 via DOMAIN adobe.com 66.235.136.149 via DOMAIN adobe.com 174.143.230.172 via DOMAIN adobe.com 192.150.8.45 via DOMAIN adobe.com 192.150.8.60 192.150.8.60 via DOMAIN adobe.com 192.150.8.100 via DOMAIN adobe.com 192.150.8.117 via DOMAIN adobe.com 192.150.11.30 192.150.11.30 via DOMAIN adobe.com 192.150.14.21 192.150.14.21 via DOMAIN adobe.com 192.150.14.69 192.150.14.69 192.150.14.69 via DOMAIN adobe.com 192.150.14.174 192.150.14.174 via DOMAIN adobe.com 192.150.16.54 192.150.16.54 via DOMAIN adobe.com 192.150.16.59 via DOMAIN adobe.com 192.150.16.60 via DOMAIN adobe.com 192.150.16.72 via DOMAIN adobe.com 192.150.16.103 192.150.16.103 via DOMAIN adobe.com 192.150.16.108 192.150.16.108 via DOMAIN adobe.com 192.150.16.116 via DOMAIN adobe.com 192.150.16.117 via DOMAIN adobe.com 192.150.17.247 192.150.17.247 via DOMAIN adobe.com 192.150.18.63 192.150.18.63 192.150.18.63 via DOMAIN adobe.com 192.150.22.22 192.150.22.22 via DOMAIN adobe.com 192.150.22.30 192.150.22.30 via DOMAIN adobe.com 192.150.22.40 192.150.22.40 via DOMAIN adobe.com 209.46.39.53 via DOMAIN adobe.com

    Reply
  3. alec 11 November 2010 at 4:57 am

    Yes, it’s true. LittleSnitch did add wildcards recently, at least in a test version (and now perhaps in the main release).

    Do not get complacent. There’s information leaving your computer that Little Snitch can’t stop (via the default Apple connections which are allowed by default, or via special kexts installed to get around Little Snitch).

    But it’s a lot better than nothing.

    Reply
  4. Bunny Lover 17 September 2020 at 4:49 am

    I really like bunny rabbits.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

You can click here to Subscribe without commenting

Primary Sidebar

My Account

  • My Licenses
  • My Profile
  • Invoices
  • Affiliate Area
  • Log Out

Categories

  • Business
  • Camera Reviews
  • Case Studies
  • Design
  • Flowplayer
  • Internet Marketing
  • IT
  • Life
  • SEO
  • Slovak
  • Video of the Week
  • WordPress

Footer

Our Plugins

  • FV WordPress Flowplayer
  • FV Thoughtful Comments
  • FV Simpler SEO
  • FV Antispam
  • FV Gravatar Cache
  • FV Testimonials

Free Tools

  • Pandoc Online
  • Article spinner
  • WordPress Password Finder
  • Delete LinkedIn Account
  • Responsive Design Calculator
Foliovision logo
All materials © 2023 Foliovision s.r.o. | Panská 12 - 81101 Bratislava - Slovakia | info@foliovision.com
  • This Site Uses Cookies
  • Privacy Policy
  • Terms of Service
  • Site Map
  • Contact
  • Tel. ‭+421 2/5292 0086‬

We are using cookies to give you the best experience on our website.

You can find out more about which cookies we are using or switch them off in settings.

Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Necessary Cookies

Strictly Necessary Cookie allow you to log in and download your software or post to forums.

We use the WordPress login cookie and the session cookie.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Support Cookies

Foliovision.com uses self-hosted Rocket.chat and self-hosted Freescout support desk to provide support for FV Player users. These cookies allow our visitors to chat with us and/or submit support tickets.

We are delighted to recommend self-hosted Rocket.chat and especially Freescout to other privacy-conscious independent publishers who would prefer to self-host support.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

3rd Party Cookies

This website uses Google Analytics and Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.

We reluctantly use Google Analytics as it helps us to test FV Player against popular Google Analytics features. Feel free to turn off these cookies if they make you feel uncomfortable.

Statcounter is an independent Irish stats service which we have been using since the beginning of recorded time, sixteen years ago.

Please enable Strictly Necessary Cookies first so that we can save your preferences!