Unwanted network connections.

I don't know how you got to level 9 with blanket statements like that.

Surely you're aware that simply following your steps does nothing to disable gamed, SpotlightNetHelper, Webkit, photolibraryd, storeassetd and a plethora of other processes from phoning home?

Or did you fail to comprehend GreenMamba's message of saying that many users don't want our computers calling Apple numerous times a day/minute for things that are unrelated to what we're using our computers for?

I've never opened Game Center, so why should gamed be calling home all the time?

I've never opened Photos, so why should photolibraryd be calling home all the time?

I have disabled Spotlight suggestions and Safari search engine suggestions, yet connection attempts by Spotlight via Spotlight Web Content and SpotlightNethelper still appear in Little Snitch.

Etc. etc. etc.

Jees, I finally help someone and can't get credit for it.

Call it a freebie! 😁

Even iTunes is a problem - it doesn't just make 1 or 2 connections, there are LOTS.

There's one connection showing in the LS Monitor right now that resolves to all these addresses:

android-market.l.google.com, apis.google.com, clients.l.google.com, clients1.google.com, clients2.google.com, clients4.google.com, clients6.google.com, feedburner.google.com, feeds.feedburner.com, hangouts.google.com, market.android.com, plus.google.com, plus.l.google.com, s.youtube.com, storeassetd, tools.google.com, tools.l.google.com, translate.google.com, via, video-stats.l.google.com, www.googlecommerce.com, www.youtube-nocookie.com, www.youtube.com, www3.l.google.com, www4.l.google.com, youtube-ui.l.google.com

IP Addresses: 173.194.33.128-173.194.33.137, 173.194.33.142, 173.194.33.160-173.194.33.169, 173.194.33.174, 216.58.193.78, 216.58.193.110, 216.58.193.174, 216.58.216.142, 216.58.216.174

I only want the bare minimum of connections being made to Apple in order for my apps to work.

I've blocked p24-buy.itunes.apple.com, mzstatic.com, phobos.apple.com, se2.itunes.apple.com, securemetrics.apple.com, xp.apple.com, yet iTunes still seems to function normally and download podcasts.

I'll never buy in-app game add-ons or anything from the iTunes Store or MAS, yet storeassetd via com.apple.CommerceKit.TransactionService and storeinappd via com.apple.CommerceKit.TransactionService try to connect on reboot.

I don't use IM (FaceTime), yet IMRemoteURLConnectionAgent.xpc continually tries to connect.

ENOUGH'S ENOUGH, APPLE!

It was iTunes that was trying to connect to that list of addresses, it wasn't Safari.

I never noticed them either until I began closely inspecting the connections because I was posting in this discussion.

I know some of them (such as feedburner.com) are for podcast downloads, but it just proves the point of this topic, which is to say that there are way too many connections that users don't know about. The average user has no idea all those connections are being made.

I have never watched videos in iTunes, yet look at all the video-related connections:

s.youtube.com

video-stats.l.google.com

www.youtube-nocookie.com

www.youtube.com

youtube-ui.l.google.com

And I have no need for googlecommerce.com and certainly don't want iTunes contacting Google without my permission or a good reason for doing so. There are about 15 Google addresses in the list!

I don't use IOS devices, so why is iTunes on my Mac computer trying to talk to android-market.l.google.com?

GreenMamba wrote:

Transparency is DEFINITELY the issue. I wish I could find a realtime updated list of protocols which are vital to OS X El Capitan's UNIX system integrity and why they NEED to be ran as soon as the system starts. For example Camelot, Maps.app also uses geo location to tag photos, videos and God only knows what else because I cannot find a complete list. But you are right, for the most part i think it is just to make the users experience more convenient. Unfortunately I am not one of those people. I want to know what is running and why.

OS X has never documented all of the services that it calls out to on the web. It would be pointless because normal users would not be able to decipher what is required. Even the most advanced users will have a lot of work deciding which features they need, apps have never been designed to allow piecemeal access to specific services let alone specific IP's & domains, apps and features will fail in new & bizarre ways if you could 'pick & choose'.

If you really want an OS that lets you have full control over networking install Kali Linux – it does not enable any networking by default. You need to enable interfaces & decide what you want to be allowed. Browsers & other apps will still try to use location based services if a site or app requests it (it's part of the HTML5 spec).

http://kali.org/

You appear to be considering disabling SIP – a feature that is built into OS X to add security (e.g. preventing one app reaching into another apps memory - like SIMBL). If you don't trust Apple how can you justify using their OS? They do document how they try to handle your privacy this is a good place to start.

https://www.apple.com/privacy/

It seems impractical to disable parts of an undocumented OS based on guesswork from Little Snitch at least with Kali you can go find the sources & read how it should work (or ask on the mailing lists). Use Charles to see inside some of the traffic if you must try to uncover the hidden secrets of http…

http://www.charlesproxy.com/

Apple's open source code can also be viewed but that doesn't include everything in the OS so you face an uphill struggle (maybe this OS is not suitable for you?).

http://www.opensource.apple.com

There is another way to prevent internet access and remove the need for hacking the OS to block the outbound traffic. Block it at the gateway.

It requires some hardware, software, network configuration and lots of work (a pfSense firewall or Sophos UTM9 install could work). You will also need to install a certificate to allow the firewall to inspect inside https traffic (assuming you want it to access that too). That will probably break some online services, but many should still work, corporate firewalls try this all the time with varying degrees of success. The Mac can be kept close to a 'default' state if the network blocks the unwanted traffic.

You can block whatever you choose (including ads, file sharing, streaming video, explicit content, known bad servers…) it can also be used with other devices on your network too. I suspect you will find yourself constantly trying to disable or weaken parts of it just to make the Macs & iOS devices work but it can improve security if done right.

What ever happened to booting up your mac/system and you "the user" is the person who makes all of these outside connections to the internet.

Unfortunately, the majority of all current computer users do not seem to care about their privacy or security. Instead they want "features" including connectivity, social, location, and sharing, to be easy and immediately available with no knowledge of how it works. Apple has done their best at keeping such needs secure, but they need to cater to these users to continue to sell products. You are an atypical user and therefore need to take steps to disable the services that you don't need.

Unfortunately i have recently read El Capitan has "System Integrity Protection" which prevents even root from modifying system files. So in short what does this mean?

The new SIP feature (also referred to as rootless) is an exceptional security feature that prevents modification of the core system files that should never, ever, be modified. This ensures that not even a trojan can modify critical files, nor can a poorly developed application, nor a user. If you are security conscious, then you should completely embrace the value of SIP as it's another layer of security in the Mac's already hardened OS.

Again as a lay mac user (i am not a programmer or computer engineer) why must certain items run even if I don't use them? Geo-location is another example, probably better than gamed. I am under the assumption after researching a little bit, the com.apple.geod.xpc protocol basically is a location service. Well what if I don't want my location to be documented constantly while using my mac? Why can't i just turn it off.

You can turn it off, along with nearly any other feature that you don't use. Have you ever looked through ALL of the options in System Preferences? In a few minutes I found these settings that you may want to consider:

• System Preferences > Security & Privacy > Privacy > DISABLE "Location Services"
• System Preferences > Security & Privacy > Privacy > DISABLE "Send diagnostics ..."
• System Preferences > Spotlight > DISABLE "Allow Spotlight Suggestions in Spotlight and Lookup"
• System Preferences > Spotlight > DISABLE "Bing Web Searches"
• System Preferences > iCloud > "Sign Out"
• System Preferences > Extensions > Go through every sidebar item and DISABLE each you don't want
• System Preferences > App Store > DISABLE "Automatically check for updates"
• System Preferences > Internet Accounts > Delete any account that you don't use
• System Preferences > Users & Groups > Select your user > Login Items > Remove all that you don't want running
• System Preferences > Users & Groups > Select your user > Login Items > Remove all that you don't want running

I do not want to use iCloud but it almost seems impossible because i own an iPhone, Macbook, and other Apple products which all want to communicate (even though i wish they were just single entities).

You absolutely do not need to use iCloud on any of your Mac OS or iOS devices! Just log out of iCloud on all of them and you are done. Lack of iCloud has no effect whatsoever on the function of your IOS device or Mac OS (you just can't use the syncing features). In place of iCloud sync, you could go back to using iTunes to sync by cable to each device (like in the 2000's).

If I can please get some help with things I can get rid of without disrupting the integrity of my UNIX-like OS aka OS X El Capitan I would be very happy

If you really want a completely minimal UNIX-like OS that has minimal services enabled by default, no default cloud or social features, and no services phoning home at all, then you'll want to install Linux Mint Xfce instead of Mac OS. Or, you can continue to use the polished and modern OS that is El Capitan and just set your router's firewall to "default deny" all ports phoning home and then enable only those that you want to get out.

I lost internet connection the other day, my iMac went mad when I rebooted it just to test an idea as it could not connect to the net to authenticate something, I had in console line after line of ImRemoteURLConnectionAgent until that service crashed. Now I know this is a system daemon of some kind and it keeps the Ethernet port alive even with wake for network access is off and Power nap is off as well when the iMac sleeps. I'm not sure if this a quirk of the pure SSD late 2015 5K iMacs or not, but I wish I knew what to do to turn this off. OS X never used to phone home this much.

Check out this app - it's only $9 right now.

The dev. says "Radio Silence respects your concentration. That is why it will never interrupt you with pop-up windows or alerts."

A Lifehacker quote says "A lot of apps secretly check in with the mothership behind the scenes without asking your permission. If you'd prefer they didn't, Radio Silence can solve your problem hassle-free.”

SILENCED!

http://radiosilenceapp.com/