Little Snitch & Ghostery = Eye Opening

I own a payment processing company, and have some security responsibilities.  With the breach of Target and Neiman Marcus, as well as the release of the Snowden NSA files, I spent the holidays really wanting to understand what was happening in the world of security.  While there is little known about the Target/Neiman Marcus (and other big box stores) breach in the public sector right now, I did see in the media that not only were the usual players called in to investigate the breach, but the first responders were none other than the Secret Service.  This made me wonder, was this something on the scale of a Stuxnet?

Was the same attack used to infiltrate and compromise “big box store” systems?  I’m sure some day this will be shared with the security world.

Then there are the documents released as part of the Snowden whistle blowing incident.  The best video I’ve seen is a presentation in December by Jacob Applebaum:

I know that my computer has back doors only certain high level people can crack.  We live in a new technology world of glass houses.  Every action is tracked if not by the government, than for sure by corporations.  If you don’t believe me, try the following exercise:

Assuming you have an apple computer like me, Install two computer applications.  Ghostery for Firefox and Little Snitch.

Of the two, I find Ghostery to be the most straight forward.  It will tell you exactly who knows you visit the web sites you visit, and who is tracking you as you visit.  For example, when I go to Hulu, there are a minimum of 17 – 22 outbound connections to various advertising / analytic groups using straight tracking codes or beacons.  Wow, and I thought I was just watching this week’s episode of Revolution.  PC World had 48 on my last visit!  Ghostery lets you easily turn off the third party connections, and it remembers that you don’t like a specific connection as you travel the internet.  I have to say, it feels like I installed a frosting film on my glass house that prevents corporate interests from having a clear view, at least where my browser is concerned.  Not only is the plugin free today, but it is an awesome addition to my browsing experience.  Websites that used to be filled with advertisements are now clear from ads.  Nice!


Little Snitch
Little Snitch allows you to see what traffic is entering and leaving you local computer, and like a like a firewall allows you to authorize or block certain communications.  After playing with it, and reviewing several competitors, I purchased Little Snitch today.  Little Snitch can be very annoying, in that it tells you EVERY time there is an attempt to communicate in our out by your computer.  Imagine loading an email and you get multiple popups notifying you that the email / mail app is trying to communicate with a third party tracking service.  I’ve had emails trying to communicate with trackers on five different URL’s.  But as you setup the logic, the popups go away, and the “firewall” starts to become very robust.  No longer will direct marketers know that I opened their emails.  No longer will 1password automatically notify 1password’s servers when I open the app.  Talk about a violation of security even if the app is just checking for updates.  While it takes a while to setup, I feel like I can relax a bit.

Closing Thoughts
The irony is, I have nothing to hide.  Obviously I’m blogging about my “tightening of my security” here.  I keep secure data off of my local computers for the payment company, but don’t like the idea of my computers being an attack trajectory.  I also don’t like the idea of companies stacking up piles of behavioral data.  What I read online, what applications I open locally and when… this is my data, not something I want every application developer tracking.

So there you go, my little rant.  We live in glass houses, especially those of us that work / play / buy online.  But that doesn’t mean we can’t tint some of our windows.  I think Ghostery and Little Snitch are great starting points.  And apple users, if you want to be very nice to your PC friends, install Sophos for mac.  It’s free, sucks as it scans your computer the first time, but then it does a great job of only scanning new files as they enter your environment.  Someone sends me malware almost daily.  It’s nice to kill upon arrival so I don’t get caught forwarding it on to my PC friends.

marknfischer moderator

As a follow up, I just removed AddThis from the page.  It's code was injecting advertising trackers onto the page for third parties.  Thank you Ghostery.  Site is now more friendly to visitors!