Domain: obdev.at
Stories and comments across the archive that link to obdev.at.
Comments · 153
-
Great Firewall
If you have a Mac, I love and have never had a problem with LittleSnitch. https://www.obdev.at/products/...
-
Re:Cross-platform?
Different OS have different AV and third party software. Connection alerts. https://www.obdev.at/products/...
Software detecting requests for any software to get persistently installed https://objective-see.com/prod...
That adds to the complexity when trying to make software work on different OS.
Malware can try and see if an OS has such software and not install to try and not get detected.
That's more complexity to look after over different OS.
-
What a Mac user can do
Get good AV like Intego. https://www.intego.com/
A firewall product like https://www.obdev.at/products/...
RansomWhere? https://objective-see.com/
Malwarebytes https://www.malwarebytes.com/m...
-
Defense in depth
According to a detailed discussion of the malware payload, if he had used Little Snitch (or certain other network monitors), the malware would have shut itself down and not infected him.
-
Re:Umm... just WMVs?
Speaking of firewalls, does anyone know of an application-level egress firewall, like Little Snitch, for Windows or Linux?
-
Re: Wi-fi Hotspots?
What I'd also like is a way to tell the OS that a particular wifi connection should be treated like a cellular connection, and have all apps respect that. And I'd like a pony.
Windows:
http://www.groovypost.com/howt...
Mac:
Unfortunately, no built in solution but....
https://www.obdev.at/products/...
-
Re: Here's a solution...
Have you, ever run an apple product. And blocked the transmission to the Internet? Except for a tablet, they usually take seconds to respond to your request, not milliseconds, seconds, what is the device doing? It's playing ET.
What are you trying to use? iTunes Store? App Store? Safari? Mail? Help? Spotlight with the "Suggestions" feature enabled? iCloud-"Sharing"?
That's about "it" for OS X when it comes to "Applications that depend to some extent on the Internet".
What you MAY be experiencing is also a Third-Party App (or apps) that want to phone-home. Many do. Apple has no control over those, of course. But you certainly can.
-
For Computers
For Computers - OS X and Little Snitch https://www.obdev.at/products/...
A bit costly but it does the job you want.
Also, OS X being a UNIX machine, you can use your hosts file.
-
Re:ESP is not a 1:1 replacement
Making an input device and need to present it as a USB HID device? Forget about the ESP; you need a Leonardo (AT32U4) or reflashed Uno for that.
Wrong. I mean, yes, that works, and I've done it. But it's not the only way to get USB HID out of an Arduino. You can use V-USB, a zener diode and a couple of resistors for that. You need either a 12 MHz, 15 MHz, 16 MHz, 18 MHz or 20 MHz crystal or an AVR with a 12.8 MHz or 16.5 MHz internal RC oscillator. Digispark for example uses an attiny85 which has the 16.5 MHz internal clock.
The question for would-be ESP users, of course, is whether the ESP can run V-USB. I'd guess no. But maybe I'm wrong.
-
Re:Outgoing White Listed Firewall
You're completely correct, but testing with Little Snitch shows that Apple is fairly well behaved in this regard. At least for now.
-
Re:Outgoing White Listed Firewall
When I had a Mac, I used Little Snitch, which does exactly what you're describing. https://www.obdev.at/products/...
-
Re:Little Snitch
Have you tried Little Snitch?
Another plug for Little Snitch. It does exactly what you are describing.
-
Little Snitch
Have you tried Little Snitch? When an app tries to open an outgoing port, it intercepts it and pops up a dialog giving you the option to allow the app to open any port, just that port, just to that target -- and then you can qualify that with once, until reboot, or forever.
You can edit these settings later if you have a reason to.
I've found it to be very useful, and certainly not difficult in any way.
Not affiliated, just a happy customer.
-
Re:Design
Actually if you dig a bit deeper there is something interesting about this project. Look at the USB stack - it's all done in software using GPIO pins! Very clever. There's a company that wrote the USB stack. You can get it GPL licensed for free or you can pay for a BSD license, but they start real cheap
http://www.obdev.at/products/vusb/license.html
They've got a load of projects too
http://www.obdev.at/products/vusb/prjobdev.html
If you go above 10,000 units you probably pay more but by that point you can afford it.
Very interesting mix of clever code and a well thought out business model I think.
-
Re:Design
Here you go http://www.obdev.at/products/vusb/index.html
vusb is a USB stack for the AVR line of chips. They even have a diagram of how to wire it up. You could also just use any number of micros that come with a USB interface.
As to the number of parts needed to blink an LED using the USB port... You could do it really simply with this http://www.ftdichip.com/Products/ICs/FT232R.htm
-
Re:Design
It's an ATTiny ($1.08 in quantities of 1) with V-USB (software only USB), most likely.
You could easily drive a strip, with animations and all, using a cheap shift register or a dedicated led array driver.
-
Please explain why I'm supposed to Freak out again
Hmm. I tried to post a link to this to my Facebook account using Firefox, but couldn't. I block ads and trackers (and Flash) so all of this web interconnectedness just stops working. Safari hung so I was left running this through Goggle's grubby little, but not doing evil, fingers using Chrome. I use Little Snitch (Do you?) I connected to the NYTImes.com and Facebook only, but 51 servers were called. Why? What oversight do any of these extra servers have? Who are they? Why do I have to provide a unique bar code to get a sale price at Walgreen's? The Supermarket? How is this NSA graph different than Facebook Graph Search?
And still, all of these posters want me to freak out over this. Why? What is that obvious thing I am missing?
If the internet is a commons then what expectation for privacy do you have? If you walk around in the street you can be watched. Anyone can go though your garbage once it's off your property. Someone can glance over the mailman's shoulder and see what mail you are getting.
To Quote Steve Fankuchen of Oakland CA on the NYTImes web site (Am I allowed to do this, or is this the private property of the New York Times Inc and must be defended with my many guns?)
Why anyone ever thought any of what they did online was private has always been a mystery to me. But, then again, I am a dinosaur, veteran of earlier versions of the same sort of activity.
Unfortunately, what people, especially young ones, don't seem to get is that as odious and unconstitutional as government spying on Americans is, there is at least some accountability there. The reality is that individuals (whether you want to call them whistle blowers, hackers, traitors, or patriots) in the government have access to and can release information whenever they want. (Snowden is an excellent example.)
Worse, corporations have no real accountability for their actions regarding the amassing and release of data, and if you think Mark Zuckerberg and Sheryl Sandberg can be voted out of office, let alone go to jail, you have been doing way too much drugs. (Here one might consider the banks as a somewhat parallel example.)
I expect it will take a generation or two coming of age with this reality before people start changing their online behavior. Once the technology is there, laws are only effective at the margins.
A comic strip many years ago (it may have been Pogo) had two kids talking on tin can phones. A third has his off to the side, connected to their line. One of the two says to the other, "Who's he?" To which the other replies, "Oh, he works for the government."
Tin can phones? Yes, I am dating myself.
I think the people posting on and on and on about their privacy need to grow up a little and realize what the internet really is not. Private or Free. The fundamental deal of the internet is that you give away your privacy in exchange for free data.
-
Re:Arduino Uno
an Arduino plus an Ethernet shield (around $60).
You can get it for a lot less than $60 if you don't buy official Arduino hardware.
eg. A $6 Arduino clone: http://www.ebay.com/sch/i.html?_nkw=arduino+pro+mini plus a $12 W5100 module: http://www.ebay.com/itm/111025516885
(or use a $4 Ethernet module if you don't need the official Arduino Ethernet library: http://www.ebay.com/sch/i.html?_nkw=arduino+ENC28J60 )
if you can overcome the IO problem
You can build an Arduino USB I/O controller for about $1.25 with a Tiny85 plus a copy of v-usb
-
Re:Arduino Uno
but the thing is, quite easily these solutions start costing more than a raspberry pi costs
You can make one of those with an Tiny85 and a copy of v-usb.
Total cost: $1.25 for the chip plus some perfboard and wire.
If you need more I/O pins, step up to a Tiny84 or even a Mega328 (if you can afford a $3 chip!)
-
Re:Time to ask some hard questions
Some security software actually does just that (to varying degrees). For example: Little Snitch, Gatekeeper (classic Mac OS), Gatekeeper (OS X), and so on.
The problem is that it's really hard to identify certain types of attacks in that way. For example, if there were a security hole in a web browser, unless the attacker modifies the browser to send data over a port other than port 80 or port 443, any side channel retransmission of your data is likely to be entirely transparent to any sort of external profiling that you could reasonably do. This is why it is so critically important to make sure that web browser code is, in fact, robust against attacks to begin with.
This is also arguably a valid reason for moving away from general-purpose browsers for high-security transactions, and using separate apps instead. For example, a banking app would be whitelisted for the bank, period, and if it tried to communicate with any other server, that would be suspicious.
Or we could just pass a law requiring that all financial transactions be signed using a non-Internet-connected PK crypto dongle and be done with it, but I digress.
-
Re:Macs don't get viruses.
Maybe ya'lls need to install "Little Snitch".
That is, if you slipped into Slashdot under false geek creds, and don't know how to configure and monitor pf.
-
Little Snitch should catch it, tho, right?
Hopefully Little Snitch alerts about this, and can block it?
-
Re:What is wrong with you people?
OSX is a unix of course it allows insertion of software between the real and virtual TCP stack, the dev filesystem.
Here are two common utilities that wrap that functionality:
http://www.metakine.com/products/handsoff/
http://www.obdev.at/products/littlesnitch/index.html
-
Re:What is wrong with you people?
I use Little Snitch to watch for such things. Unfortunately, with modern software bits and pieces are always calling home. I spend a few hours a week looking up stuff to find out who is doing what.
-
Launch Bar
I know I'd be completely lost without LaunchBar on OS X:
http://www.obdev.at/products/launchbar/index.html
I initially thought that entering keyboard commands to run a program was completely opposite what a GUI was supposed to offer, but being a command-line driven guy (hey, I'm getting old!), it was amazingly intuitive, not to mention blazingly fast. I rarely use the toolbar to start programs any more, let alone navigate through the Applications folder.
Definitely recommended for all you OS X folks out there.
-
Alternative suggestion - DIY
Many people have already pointed you to prefab solutions like you asked for, but some of them are a bit pricey; if you are going to have "lots of knobs" and the phidgets encoder gives you a single USB knob at 20 bucks, you might want to consider building your own or contacting an Arduino enthusiast who can pull off a custom model. As you can see, there are plenty of AVR based USB projects out there. A single ATMega has 6 a/d converters which you can use for rotary knobs, and at least 8 binary inputs which can be used for switches.
-
WE KNOW
-
Re:Microsoft's position is tricky
I have no idea what exists for Windows or X-Box, but those of us that use OS X have Little Snitch.
Little Snitch pops up an alert anytime an application attempts to access the Internet. No matter what app you may be using at the time, Little Snitch pops up that alert box.
You then have the option to allow/deny either once, until you quit that particular app that triggered the alert, or forever.
You can even get some more detailed info on the attempt via the alert box.
If/when drivers for Kinect are available for OS X, having a Kinect atop my flatscreen TV, and the TV/Kinect hooked to the Mac/Skype/iChat/FaceTime would be insanely cool.
And all watched over by Little Snitch, making sure that the only time I'm on an Internet video feed is when I decide.
-
Running Mac OS...
...in a user account when online, NEVER as Root, and Little Snitch is ALWAYS running in the background in ALL accounts, especially Root.
Ad Block Plus is also running at all times, that helps to eliminate the threat posed by hijacked banner or other ads.
Yes, the potential for the Mac to be compromised is there, but I'd have to do something really stupid to get malicious code onto the machine.
(Insert your own gratuitous but not unwarranted slams against the Windows OS here.)
-
Re:Network Meter gadget
And if you're on OS X, you should get Little Snitch and Menu Meters!
-
Re:I hear ya....
Devices based on V-USB (software only USB implementation for AVR microcontrollers) are probably worth a look because designs you can copy are so numerous.
This is one of the most versatile. It doesn't support the Apple IIc yet but the BBC joysticks had a similar capability so the only difference is likely to be in the adapter lead:
http://denki.world3.net/retro_v2.html
Perhaps you don't want to make your own circuit board. If so, I had a quick look at the retro's schematic and reckon you should be able to get the retro firmware running on an off the shelf board such as the one adafruit sell.
http://www.adafruit.com/index.php?main_page=product_info&cPath=16&products_id=174
I've got one of these and it's a great little board. I built a temperature logger using one and I got it running (hardware and software) in about four hours. That said I did spend another three building the programmer!
Finally there's a gallery of lots of HID devices made using cheap AVR controllers:
http://www.obdev.at/products/vusb/prjhid.html
Also look up LUFA and using atmel's true USB line of microcontrollers. I just made something with the at90USB82 AVR chip, and it was super easy. This is only my fourth circuit board and it works great. You need to have a hot air gun for soldering though. Alternatively, you could buy atmels USB dev stick.
-Taylor
-
not sure w/iPhones, but iWeb is a snitch for sure!
I have Little Snitch installed, and every website I've designed with iWeb phones home to mac.com before a page will load, even when the site is not hosted at mac.com.
If you block mac.com with Little Snitch, you cannot navigate to your domain. Somehow the code in the sites generated by iWeb is passing some kind of information to Apple's servers and tracking every access by every user to every website ever designed with iWeb.
This cannot be accidental or an oversight, because this must generate huge amounts of traffic to Apple's servers, and this traffic costs them money and bandwidth to receive & transmit. They must be doing something with all that traffic data.
-
Re:WARNING
I ran Little Snitch while running the broadband speed test, and it did not appear to be sending private data as you claim. Do you have any proof?
-
Re:Dear Microsoft Fuckwad:
"Wait, you can't get a trojan on your MacOS?"
I Can't. I don't know about you, pathetic loser troll. I NEVER access the Net as root. I NEVER click on attachments that claim to be "NAKED PICS OF (female athlete name here)" and my email app, Eudora, never ever automatically opens attachments or open URLs in Internet Explorer.
"How does your OS determine that it is a trojan and not a remote control app that you want to install?"
I don't use 'remote control apps".
"How does your OS determine that it is a spambot and not a regular IRC bot?"
I NEVER use IRC.
"How does your OS determine that it is a file stealing malware and not a filesharing app?""
I use Transmission as my BitTorrent Client and I ALWAYS have Little Snitch active when online.
In my decades of using Macs, I have encountered exactly ONE virus. It was on a used Color Classic I purchased. The freeware AV app 'Disinfectant' cleaned it right up.
Any more questions, pathetic loser troll?
-
Re:I've got your denial right here.
There's actually a really great 3rd party app for OS X which does exactly that.
-
LittleSnitch
Really, how would we know for sure?
http://www.obdev.at/products/littlesnitch/index.html
Yes I know, no one will ever check all the traffic.
-
Re:Ethernet
>Maybe coupled with some outboard piece of USB gear
AVR-USB: a firmware-only USB interface for atmel microcontrollers. Two resistors and two diodes, one ATTiny microcontroller, two power-ground caps, and you have your hardware interface on a board the size of a postage stamp. This reference board has 8 channels of power switching, that could drive reasonably large relays like, say, 8 Jameco 134949's (at $5 each), that'll each switch 20 amps at 220volts.
It could drive a three-axis CNC mill. Plug in a webcam and you have a security system. Add a relay board and you have a portable autonomous sentry setup. A usb-to-serial converter combined with fuse and owfs and a half-dozen Dallas Semiconductor one-wire devices and you can put dirt cheap thermometers all over your house. Add some Dallas I/O chips and some motors and you have zone heating for your house.
I can think of *lots* of interesting things to do with this.
-
or just install more software...
Uh... Little Snitch, anyone?
-
Re:Of course
LittleSnitch is one of my favorite security programs. Shows any outgoing connections and I can allow for that session, once, or forever and to just that port, any port, that host, that host and port.
Does anyone have a torrent to a file with the trojan? I'd like to open the .pkg and look at it. It's surprisingly easy to look at the 'install' files. Right click on the pkg and open a few folders and look for pre-flight & post-flight scripts (which can be written in about any language). .pkgs are fun little things.
-
Re:Wha?!?
Little Snitch for Mac OS X lets you write per-application firewall rules. It's pretty sweet. Not that this will help you if your favorite application is secretly sending your diary to your mom.
-
Re:More Raskins
-
No explanation is a good explanation.
Simply put, the only things on my machine that should phone out should be voluntarily invoked by me - the user. Namely the web browsers, software update, ssh, etceteras.
Adobe's behavior of late (and it will only get worse) is why applications like Little Snitch exist.
This kind of thing is why I wish The GIMP or similar would get useable* for those of us with hundreds of gigs of Photoshop documents.
* Open, Save, full support for all blending modes, masking modes, layer groups, and fonts/text editing capability up to at least Photoshop CS. I don't need the thing to handle Exactly Like Photoshop, but if it's going to be the "photoshop competitor" every FOSS advocate claims it is (instead of, say, the Paintshop Pro competitor that it actually is), then it ought to at least be able to handle my existing documents as well as OpenOffice handles .doc files.
-
Re:Investigation flawed, more like
I haven't trusted OSX firewalls for a long time. That is why I run LilSnitch. It blocks EVERYTHING outgoing unless I specifically allow it. Even OSX gets blocked.
I never liked the "signed" or "trusted" apps get a free pass. I give out the passes not apple.
-
More like, who re-forks it.
I'm thinking that Samba isn't as relevant as it once was. Especially with the growth of Linux and stronger hardware support.
"No, I think they'll either put up or shut up."
I believe Samba-TNG is still going strong, and it's under the older GPL license. Plus there are commercial alternatives. So no it's not going to be a "s**k our or...else" type of situation. But a "push us enough and we'll push back".
-
Re:Quicksilver
I was going to say the same thing about LaunchBar. It's what spotlight should have been. When I'm on a computer without it I'm constantly cursing. Or installing it.
-
Incorporate Quicksilver/Launchbar technology
Currently, I hardly use Spotlight on my iBook G4 800 MHz. The application launcher capability is what I need most, and I find Launchbar to be far faster than Spotlight for this. Launchbar even does a decent job for many of the searches I need, at the same speed as application launching, but Spotlight search for the same can take very long.
Can't Apple employ the technology used in Launchbar or Quicksilver along with their existing technology to make the searches faster? I know Spotlight is slower because it has to index far more data as it searches inside files. However, most searches perhaps don't need the data that is inside files, but merely the same metadata that is indexed by Launchbar/QS. So, why not have a two-step search: first search the data that is not inside the file and give results as quick as Launchbar/QS, then search inside the files to give other search results?
I understand this may be a non-issue for the latest Intel Macs, and so, Apple may not bother.
-
Little Snitch
The article (to my view) didn't mention any of the names of the programs, and I don't speak or read German, so I don't know how to find the names.
But I would swear by a nifty little app (for mac), Little Snitch which does seem to block both outgoing and incoming traffic perfectly.