The Computer’s Secret Whispers

By Naomi Brockwell, Founder and Director of NBTV

The problem:

Our computer constantly whispers secrets out to the internet about what we do on the device. Our operating system itself relentlessly pings centralized servers about our activities. The programs we use do the same thing. Even when we use apps that we think are offline, they are still often quietly collecting information, waiting until the moment when we reconnect to the internet to immediately share what they've collected. This continuous transmission of data from our computer to remote servers happens silently, often without our awareness or explicit consent. The privacy leak is often far more extensive than most of us realize.

Understanding data transmission:

Telemetry makes up a bulk of the data leaving our machines. It is automatically transmitted from our devices and collected by remote servers, and usually includes information about how we use different programs. Data is sent when we perform all kinds of actions — even opening an application or clicking 'Save' can initiate a silent report.

This can be a useful forensics tool, helping companies troubleshoot and provide better services. The problem is that a lot of the time, the user has no idea it’s going on, or the extent of information that is being collected. Turning off telemetry can be complication and often ineffective, and this data transmission continues despite user attempts to disable it within the program or operating system itself.

Fortunately there are other things we can do to stop it from happening.

What can we do?

There are tools that allow us to monitor all the network traffic that leaves our computer, and block any connections that we don’t want. So if you’re using a calculator app, for example, and it’s trying to connect with some remote server, you can just block that connection from happening. If you're on a Windows computer, you can use something called GlassWire to do this, and if you're on a Mac you can use a program called Little Snitch, or a free product called Lulu. There are also many other similar products out there. They work as a kind of outgoing firewall. Instead of trying to block data from coming in to your machine, you can block outgoing data that you don't want to leave your machine.

Using Little Snitch

Let’s look specifically at Little Snitch as an example of what to expect.

(Take a look at our video for a full tutorial on it, and let us know if you have any questions, or have suggestions for similar tools that you like!)

When you have Little Snitch enabled, it will alert you every time something on your computer — whether a program or your MacOS operating system itself — tries to connect to the internet. You can decide whether you want to allow that connection or block it, and set a rule for any future connections to that server. It also lets you set more fine grained controls on your device, like how long you want a rule to last for, and the ability to limit connections to certain ports, domains, or even entire protocols.

Setup

We used Michael Bazzel’s recommended Little Snitch configuration from his book “Extreme Privacy: MacOS Devices”: https://inteltechniques.com/book7b.html

The book gives you a download link to install his configuration directly.

(I’m not affiliated with Bazzel in any way, I’ve just found his resources to be some of the best privacy educational materials I’ve ever invested in, and I highly recommend them.)

You can either import his settings, or go through and configure your own manually. Either way, you’ll need to understand how these settings work, and how to tweak them.

To get started, select “alert mode”, which will tell you in real time which connections to the internet are being requested on your computer, and you can manually decide on a per-alert basis which you want to approve or deny.

For example if you use Brave, open that app and you’ll get a popup asking if Brave is allowed to send data to the internet. The browser is the main way we access the internet, so you’ll want to allow any connection, and select “forever”. Now you will no longer receive any prompts about Brave, and your browser will be able to communicate with the internet.

For another example, take the stock Apple Calendar: It doesn’t matter if you’re not logged in to an iCloud account and have never asked your calendar to sync anything for you, Apple will still send data about your calendar activities to their servers. To block this, open the calendar app, and on the popup, it will tell you that it’s attempting to connect to “caldav.iCloud.com”. You’ll want to make sure “Any connection” is selected, “Forever” is the duration set, and then click “Deny”. This will make sure that your data is only stored locally on your device and not synced anywhere else, and is not being transmitted to the internet.

For any apps that you don’t want to connect to the internet, deny those connections.

If you go to the Network Monitor feature, you can see all of your network activity and which domains your apps are communicating with in real time. To see all the rules you have set, click the Little Snitch icon in the top of your desktop, click “Little Snitch Rules”, and it will show you every rule you currently have set. To tweak any rule, double click on it and adjust as needed.

Warnings

#1

It can be confusing what a connection’s purpose is and whether it’s needed. Little Snitch helpfully lets you know which program is initiating each connection request, to give you a better understanding of the connection request. Have a think about whether you want that program to access the internet and approve or deny the request accordingly.

Sometimes the program initiating the request might not be familiar to you. Little Snitch provides a written description of what each request is for, to help you decide whether you want to allow it.

If you’re still unsure whether to approve or deny something, you can try denying a request and setting the duration to 10 minutes, and see if anything breaks. If so, your settings will go back to normal after 10 minutes, and you can choose differently the next time.

#2

The first time you use this program, it’s going to be super annoying. You’ll get countless alerts every second. Think of it this way:

The sheer number of these pop ups will make you realize just how often your computer has been communicating with the internet without you realizing.

The good news is that once you’ve established your rules for certain servers, you won’t get pop ups for those connections again, so the app quickly becomes less noticeable, and after a day will basically just work quietly in the background according to the rules you’ve set.

Again, by importing Michael Bazzel’s configurations at the start he’ll get most of your work done for you. He maintains that while Little Snitch is easily the most annoying tool for his clients, it may also provide more privacy than anything else.

There is a free trial of Little Snitch if you just wanted to try it out first, and that will last for 3 hours before shutting off.

A free alternative to Little Snitch that you can try is LuLu. It doesn’t have quite the same level of functionality, but has become more competitive over time.

Little Snitch: https://www.obdev.at/products/littlesnitch/download.html

Lulu: https://objective-see.org/products/lulu.html

As always, these products are not sponsors. NBTV has no show sponsors – our job is just to try out privacy tools, and let you know which ones we like that we think will help you live a more privacy-conscious life.

Most of us aren’t even aware of all the data being sent off our devices. Using a reverse firewall like Little Snitch, Lulu, or GlassWire can be very revealing, showing you just how much your computer is whispering to the broader internet as you go about the activities you presumed were private.

A version of this article first appeared in video form on NBTV. NBTV is a non-profit educational platform that teaches people how to reclaim control of their lives in the digital age. NBTV and The Ludlow Institute give people the tools they need to take back their privacy, money, and free online expression.

Learn more at NBTV.media