Ole wrote: > I cannot confirm this. I installed widget update today and LS detected > its connection attempts correctly. > > Ole > > Am 30.10.2005 um 16:06 schrieb Saad Kadhi: > >> Hi there, >> >> I downloaded Widget Update [1], a widget that checks if there are any >> updates for the other widgets installed on the Dashboard. Widget >> Update was able to access the Internet [2] and I am 100% sure I didn't >> see any alert from LS regarding this access.
Hi, It all depends on how the widgets communicate with the Internet and how you've set up your rules. Since Little Snitch works on the basis of allowing or blocking network access to specific applications, it's possible to inadvertently grant full access to more applications than you bargained for by using the "Always allow connection" rule on a "trusted" application. For example, many applications (not just widgets) use a program called cURL, which is an open source application that helps alleviate from developers most of the heavy lifting associated with talking to web and FTP servers, among others. (cURL is included in the default Mac OS X installation - open a Terminal window and type "man curl" or "curl --help".) Now, let's say "Application A" uses cURL to perform an up-to-date software check. You trust "Application A" and are annoyed at always having to confirm that you want to allow network access to it whenever it performs a software update check, so you decide to always allow outgoing web traffic. However, along comes "Application B" which also uses cURL, but uses it instead to phone home to its developers to let them know details of your machine, IP address, passwords, etc.. Since you previously granted "always allow" to cURL, you would never see Application B's connection attempt. Incidentally, this is not theoretical -- I have a number of shareware and even commercial applications and system preference panels installed on my system that rely on cURL to talk to the Internet, and you probably do, too. Maybe this is obvious to the more tech-savvy among us, but I think it's an important point to make if it hasn't already been made elsewhere. What would be nice in a future version of Little Snitch is for it to be able to differentiate between what applications call these "helper applications" (such as cURL) so that granting an application full access to cURL won't necessarily give unfettered access to another application that uses cURL behind the scenes. In the meantime, remember that Little Snitch is just another tool in your security arsenal and that it can't prevent all mishaps from occurring.. Thanks, -f -- Derek Fong Web Application Developer subtitle designs inc. <http://www.subtitled.com/> "Mistakes are the portals of discovery." --James Joyce >> GPG key/fingerprint available upon request << _______________________________________________ Littlesnitch-talk mailing list Littlesnitch-talk@obdev.at http://at.obdev.at/mailman/listinfo/littlesnitch-talk
