The less software that runs with root rights the better. If you want to secure your system, you should not increase its attack surface, but reduce it. The root rights promise big booty if successful: Full control over Little Snitch and the computer.
This gives Little Snitch root privileges Little Snitch looks at all network traffic and is therefore vulnerable to any network traffic. Little Snitch installs a kernel extension KEXT to read network traffic. No answer to your question, but a few safety tips on Little Snitch before you use it. So your ISP may be in in Dallas Texas but with the VPN it looks like you are in Vancouver, BC, Canada. And if I then google something the traffic exits from my work network and goes and connects to google.Ī personal VPN, like you have allows you to appear as if you are surfing the web from the next town, state, country or continent and no one can tell where you are actually from. This allows me onto that network as if I were sitting at my desk. The VPN creates a ( virtual) tunnel (a private network) between my Mac or PC at home to my work network. The most common reason for a VPN is still my ability to connect back to my work network securely. And Little Snitch still sees all of that activity, it is just going through the VPN. You are being protected from being spied on between your Mac and the VPN exit point. You are not being protected from what the website (and Firefox allows it to) does. Not to mention all the cookies and tracking code that the website collects on you. So if you browse the web using Firefox, it will still connect to every website you point it at. No one can spy on any traffic between those two points.īut everything on your Mac (or PC) still talks to everything that you point it to. The key point here is that the VPN provides a secure tunnel between you and the end of the VPN. Prague, Milan, Mexico City, Vancouver, Miami, wherever they have "exit points." That pathway above stays the same but it is like running a tube between your Mac and the internet in that your router, ISP and VPN provider, cant see what is in the VPN tunnel, as it is hidden by the VPN.Īnd instead of your traffic exiting your ISP for the internet in your town, it exits the VPN provider's network anywhere you want it to.
Mac -> VPN Tunnel -> (your Router) -> (your ISP) -> (Your VPN provider) ->the internet
The VPN is a TUNNEL that starts at your Mac and ends not at the network and servers of your ISP (AT&T, Spectrum, Verizon, etc.) but at the servers and networks of the VPN provider. This is vastly simplified, if course, but will work for what we are doing here. Mac -> Local Network -> your Router -> your ISP -> the internet A VPN is nothing more than a different connection to the internet.
0 kommentar(er)
