thomas_r. wrote:
When I state that a post contains "dangerous misinformation" about computer security, that's the equivalent of a medical doctor stating that there is dangerous misinformation in an anti-vaccine post.
That's an interesting statement. Seems you have a very high opinion of your beliefs.
That's because my beliefs are based on a lot of professional expertise and training in computer security. If this were a discussion about baking cookies or repairing carbon fiber yachts, I'd not be so confident -- neither is an area where I have any expertise, professional or otherwise.
thomas_r. wrote:
First, there is nothing to prevent malware that achieves root privileges from completely disabling Little Snitch. This has actually been seen in malware in the wild, albeit very rarely, and this means that Little Snitch could give a false sense of security.
I'm of the mindset that it's better to use a prophylactic device that might fail than it is to not use one so as to avoid a false sense of security. Did I mention that I have no kids? 🙂
thomas_r. wrote:
Secondly, many people misinterpret Little Snitch notifications. The average user is usually not capable of making an accurate determination of whether a particular connection attempt on behalf of a particular process is legit or not. I have personally seen a number of people who have spiraled down into a pit of paranoia thanks to perfectly normal things they found with Little Snitch.
It can be a useful tool, but just like a gun, it should not be put into untrained hands without any education at all.
I generally agree. But Google can provide a wealth of information for such neophytes; there are many sites that provide information about what processes are doing and where they communicate. My wife, a freelance writer and editor, has done fine with Little Snitch for a couple of years now.
The very user who is least able to interpret Little Snitch notifications is probably also the one least able to protect themselves from malware without such a tool. I'd rather that they be scared witless than than to have their identity stolen or their machine turned into part of some botnet (that would then spend the next three days attacking the mail servers and FTP servers on the domains that I run).
And, with that, I'll sign off and give you the last word if you want it. You're a bright guy with a lot of knowledge and I appreciate what you do for the Mac community, so the floor is yours.