Previous 1 2 3 Next 34 Replies Latest reply: Nov 10, 2014 3:31 PM by dan6m
James Mol Level 3 Level 3 (685 points)

Today Little Snitch said there was a new suggested rule for start up. The rule said XProtectUpdate was trying to contact 23.60.78.224. A Whois check showed its net name as AKAMAI (Akamai Technologies, Inc.)

 

I believe XProtectUpdate is part of Apple's security program.

 

Any reason it would be trying to connect to AKAMAI (Akamai Technologies, Inc.) instead of Apple?

 

Thanks


iMac, OS X Mountain Lion (10.8.2), 2GB RAM
  • softwater Level 5 Level 5 (5,370 points)

    Akamai is a download management program, often associated with Adobe products and Adobe's updater (you got Photoshop, Illustrator, InDesign or anything like that?). It basically allows your mac to download large files in a relatively timely fashion. In short, it's legit' and not something to worry about.

     

    More worrisome is Little Snitch. False positives and constant notifications about normal behaviour cause this program to be a PITA. Unless you actually have particular security issues and need to monitor who's communicating with your computer, I'd recommend uninstalling this program. For most ordinary users, it's a waste of time and CPU resources.

     

    Be sure to uninstall it properly according to the developer's instructions. Just trashing it won't get rid of the launch processes that kick in on start up.

  • thomas_r. Level 7 Level 7 (29,200 points)

    Just to add to what softwater said, note that Apple also uses Akamai to serve some of their updates. It is not unusual at all for a Mac to be contacting Akamai's servers, even if it has no Adobe products installed.

  • ds store Level 7 Level 7 (30,315 points)

    I believe XProtectUpdate is part of Apple's security program.

     

    Yes you are correct and it gets updates regularly off the Internet.

     

     

    Any reason it would be trying to connect to AKAMAI (Akamai Technologies, Inc.) instead of Apple?

     

    AKAMAI is a data distribution service provider that hosts downloads on ISP servers so it's closer to your physical location thus faster  rather than straining Apple's servers in Cupertino.

     

     

    Extra note: If you enabled a alternate DNS service on your computer or router, you need to make sure the alternate DNS has a server in the general location as your ISP server or AKAMAI downloads get routed to a further away server thus your downloads speeds can be drastically slowed.

     

     

    By the way, softwater is way off base about LittleSnitch, it's good to have Mac users being aware of what is going on with their machines as this is how malware is discovered and the rest of the non-techie side of the Mac community (and Apple) informed of the dangers.

     

    Keep running LittleSnitch, your doing a good thing asking questions, being alert and not remaining a ignorant sheep.

  • softwater Level 5 Level 5 (5,370 points)

    ds store wrote:

     

    By the way, softwater is way off base about LittleSnitch, it's good to have Mac users being aware of what is going on with their machines as this is how malware is discovered and the rest of the non-techie side of the Mac community (and Apple) informed of the dangers.

     

    Keep running LittleSnitch, your doing a good thing asking questions, being alert and not remaining a ignorant sheep.

     

    No, you're 'off base', not me.

     

    You see, its a matter of opinion.

     

    Yours just happens to be wrong...

  • James Mol Level 3 Level 3 (685 points)

    Thanks to all who chimed in. I do like LS because I can see what is going on. Most of the time it is easy to figure out, but sometimes...

     

    Thanks again

     

    Jim

  • kjinx Level 1 Level 1 (0 points)

    I wanted to comment regarding "softwater"'s slam on Little Snitch. I've been using this program for about 8 years. It's a great program. Inexpensive and VERY useful. It is a GOOD THING to know what your Mac is doing and who/what it's talking to online. The combination of Activity Monitor (Apple stock app) and Little Snitch gives you all the information you need to know exactly what's going on in terms of memory and CPU usage, disk accesses, and internet communication. The latest version is specifically updated for Mountain Lion. If you set it up correctly it will not produce, "False positives and constant notifications about normal behaviour". I've been working with Macs since 1984. I am in no way connected to Little Snitch, just a satisfied user.

  • thomas_r. Level 7 Level 7 (29,200 points)

    If you set it up correctly it will not produce, "False positives and constant notifications about normal behaviour".

     

    The difficulty is in setting it up correctly. We see a lot of people here worried about perfectly normal things brought to their attention by Little Snitch (as demonstrated by this discussion). I'm not saying that I agree with softwater that it's a bad thing to have installed. I'm also not agreeing with ds store that it's a good thing to have installed. It can be a useful tool for people who are willing and able to learn about the underlying processes on their Macs and the network connections made on a normal basis by those processes. However, for someone who just wants to install it and be protected without having to do anything else, it's not appropriate.

     

    Also, it needs to be pointed out that malware has been known to disable Little Snitch, making it useless. On the other hand, some malware has been known to abort installation if Little Snitch is detected, making it very useful.

     

    In other words, it can be useful if you are aware of its limitations and willing to learn how to get it configured properly. It can be a big problem if not.

  • g_wolfman Level 4 Level 4 (1,120 points)

    However, for someone who just wants to install it and be protected without having to do anything else, it's not appropriate.

     

    Unfortunately, there's very little that's appropriate for someone in this situation which will actually protect them, but without boatloads of false positives.

  • designer_geek Level 1 Level 1 (0 points)

    I tend to agree with softwater. But I'd draw attention to the key sentence

     

    "Unless you actually have particular security issues and need to monitor who's communicating with your computer, I'd recommend uninstalling this program."

     

    As it happens, I do have particular security issues, and I do use little snitch. But I'm a software engineer, so I understand what its telling me. Most users are unlikely to understand what little snitch is telling them, which does tend to make it more of a nuisance which won't afford much security because people will just end up accepting all the alerts as ok.

     

    That said, if you do understand what it's telling you, then I think it's a valuable tool. It's just not appropriate for everyone.

     

    There are two solutions - help teach people to understand what the tool tells them, or help make the tool easier to use.

  • James Mol Level 3 Level 3 (685 points)

    "There are two solutions - help teach people to understand what the tool tells them, or help make the tool easier to use."

     

    Well put. That is why I posted this as I wanted to learn, but from what most everyone is saying, I have much more to learn. I would rather keep using it and once or twice a year ask a question. It would be nice if they added a feature, such as VirusBarrier has done, that tells what the warning is about. This helps most of the time.

     

    Thanks for all your input, opinions and suggestion!

  • chopperp1 Level 1 Level 1 (0 points)

    Keep Little Snitch running... This is how you learn about different apps stealing your private information. Once you see unintended outbound traffic generated by non-OS app, then you should investigate, and possibly remove that app from your system. You would be surprised what kind of information is being collected by legit software, and sent out to their servers. BTW Akamai is a content provider, but it also hosts advertisement banners for companies such as double-click, and others...

    I don't know who that guy 'softwater' is, but by suggesting removal of the one of the best apps out there it makes me think he must be from some advertisement co that specializes in engineering malware to steal data...

  • Csound1 Level 8 Level 8 (39,730 points)

    chopperp1 wrote:

     

    Keep Little Snitch running... This is how you learn about different apps stealing your private information. Once you see unintended outbound traffic generated by non-OS app, then you should investigate, and possibly remove that app from your system. You would be surprised what kind of information is being collected by legit software, and sent out to their servers. BTW Akamai is a content provider, but it also hosts advertisement banners for companies such as double-click, and others...

    I don't know who that guy 'softwater' is, but by suggesting removal of the one of the best apps out there it makes me think he must be from some advertisement co that specializes in engineering malware to steal data...

     

  • William Lloyd Level 7 Level 7 (20,195 points)

    Little Snitch is good software.  Made by a great software company.

     

    HOWEVER, it's also one of the biggest causes of instability in OS X.  It inserts itself at the lowest levels of the OS, and can block key system services and cause all manner of problems.  And, 99% of the time, the users of Little Snitch don't understand how applications and the operating systems work, and thus are improperly concerned and may block things that cause OS instability.  And then, when stuff doesn't work down the road, they can't associate cause and effect and blame Apple for making a "crappy" OS.

     

    So I guess both sides are right here.  Almost everything reported by Little Snitch is a non-issue, and blocking most things *will* cause problems.

  • masc88 Level 1 Level 1 (5 points)

    softwater wrote:

     

    You see, its a matter of opinion.

    no it's not.

     

    users should avoid system applications beyond their knowledge and/or expertise, that's true.

    however, this wasn't even the case here, as the question was clearly about a system process communicating.

     

    so your discrediting and uninstall recommendation are both inappropriate and off-topic.

Previous 1 2 3 Next