nika.domanska

Q: How to keep data safe when using apps?

Dear community,

 

i consider using some app for sensitive data, but i am not sure, if i can trust this app. I faced that problem many times, and figuring now about a general solution.

 

For me it would be enough, if it is sure, that the app itself does not communicate with any server.

Linc Davis described already in a thread some diagnostics for open ports : localhost open ports 9999, 631 . But how can i check if a specific app tries to use my network access? Maybe it doesnt do that today, but in a month - so i would like to set something like a guardian on it

 

I use OSX Yosemite and WLAN for network access, and try to keep all other doors (like bluetooth) closed.

 

I appologize if that question is not appropriate, im new to the support community.

 

Best regards

Nika

MacBook Pro with Retina display, OS X Yosemite (10.10.5)

Posted on Oct 13, 2015 1:40 PM

Close

Q: How to keep data safe when using apps?

  • All replies
  • Helpful answers

  • by BobHarris,Helpful

    BobHarris BobHarris Oct 14, 2015 12:43 AM in response to nika.domanska
    Level 6 (19,405 points)
    Mac OS X
    Oct 14, 2015 12:43 AM in response to nika.domanska

    You could just disconnect from the network when using that app and only reconnect after quitting the app.

     

    You could get LittleSnitch which yells when apps attempt to connect to the internet and phone home.

  • by MrHoffman,Helpful

    MrHoffman MrHoffman Oct 14, 2015 12:43 AM in response to nika.domanska
    Level 6 (15,627 points)
    Mac OS X
    Oct 14, 2015 12:43 AM in response to nika.domanska

    If the app is installed and has had moderate access to your system, then your data can already be gone — if the app author was inclined to copy it.

     

    If the data is sufficiently sensitive, then you'll want to acquire a second and purpose-dedicated and network-disconnected system.  Also get yourself some technical assistance beyond what you'll get here in the forums — no offense intended to BobHarris.

     

    If the app author was inclined to exfiltrate your data and was moderately skilled, I'd question whether the traffic would be particularly visible to host-based monitoring.  (I'd certainly prototype my exfiltration scheme against LittleSnitch, if I were inclined to try to swipe sensitive data.)

  • by nika.domanska,

    nika.domanska nika.domanska Oct 14, 2015 12:49 AM in response to nika.domanska
    Level 1 (0 points)
    Oct 14, 2015 12:49 AM in response to nika.domanska

    Thank you BobHarris and MrHoffman for your quick answers!

     

    This time I was clever enough to ask before installing, actually i haven´t even downloaded my desired app yet.

     

    With your answers, I can talk better to my technical assistance now, and will do that. If something relevant for the public turns out, I will post it here.