Little Snitch says iTunes is unverified

dot.com wrote:

What you seem to basically be advocating, is people are not able to learn from previous experience and evolve and learn, and I don't agree with that. If you and any others object to people asking questions about what LittleSnitch warns them about, then the answer seems obvious - don't bother answering. Let them figure it out or get answers from someone who doesn't. LittleSnitch is not a bad or evil program because it makes people ask questions or makes them aware of things they didn't realize are really happening all the time in today's network based computing environment. Ignorance is not bliss and implying that it is, is simply a case of security thru obscurity in my opinion.

That's quite an assumption. And quite a wrong one. What I'm actually saying is that, for most people, the effort required to understand and tweak Little Snitch is nowhere near worth the payoff. What I object to is the, sometimes subtle, sometimes not, insinuations I often see here, that, without things like Little Snitch, people are somehow in danger. That's basically scaremongering. It's far better to teach people how to use their Macs correctly and to take advantage of the built in security. Even more important is to teach people to use the most important security feature of all: common sense. And you still think I believe people can't learn?

Effective defenses against malware and other threats

There are tools to check code signed apps…

https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPag es/man1/codesign.1.html

As far as I know the command is (but I'm not a developer so read the manual 🙂)…

codesign -v /Applications/iTunes.app/ -v

You can also run it against processes, so that may help depending on what LS is telling you.

I wasn't aware that you had an actual binary or app to check. Maybe I misunderstood the nature of the message, I assumed it was related to certificates for SSL/TLS (https).

Also check the installed manual for your OS via man codesign (cursors to scroll around, q to exit the reader). I'm not sure if this is a developer tool - you may get a dialog telling you to install Xcode if that is the case.

What version of iTunes is it complaining about? There was a new release of iTunes (version 12.5.5 on Jan 23, 2017) that wasn't part of the macOS 10.12.3 installer of the same date for some reason. So which version of iTunes does LittleSnitch complain about??? If you don't have the newest version of iTunes you might want to download it before pursuing an issue that might have already been addressed.

By the way, I'm a believer in Little Snitch, and think that more information about what's going on with your system is better. Security is pretty important these days and the more you know the better. Of course there are lots of warnings that Little Snitch tells you about that are completely normal and the way it works is that you can tell it what is ok and it doesn't bug you again about the same thing as the rule database increases in it's knowledge of what is and what isn't OK for it to warn you about. It will be good if you learn a bit more about network protocols and Google is your best friend in deciding what is and isn't potential problems. But some people really frown on this sort of information and to be perfectly honest, that attitude puzzles me. Something that helps make you more aware and more secure in what you decide to allow thru your computuer is a good thing in my opinion. I've used it many years and wouldn't think of using a computer without it.

Good luck either way...

If you have gatekeeper set to only allow 'Mac app store & identified developers' (in System Preferences > Security, general tab) then a modified or 'tampered' iTunes would not run, that is how Apple made the OS operate. Provided you installed macOS from a trusted source (The Mac App store is the only source for Apple OS's) it should be correct.

As for the Little Snitch warning, you'll need to take it up in their forums or support section. It is a micromanagement firewall that throws up thousands of choices. It is very easy to assume many things you see is bad but in reality may be harmless (anonymous or encrypted data used to help Siri, Spotlight web search or any of the services that Apple enhances via the Internet). Like all powerful tools, you need to take great care & time to learn how to use them. You should probably dig into all of the application settings in OS X to be certain that something you have enabled (or is a default setting) is not triggering it - like iTunes fetching artwork, Podcasts, internet radio, those 'interactive LP' things 🙂… have you copied over your user data or is this still totally clean aside from Snitch? Do you have backups or other media connected that may be being indexed etc.

The problem I have with snitch is that it doesn't allow you to see into everything. If you could view the exact data in that connection you may see what it is for & why it is harmless/harmful - as it stands you have to guess & sleuth it out yourself. Eventually there are just not enough hours in the day…

dot.com wrote:

By the way, I'm a believer in Little Snitch, and think that more information about what's going on with your system is better. Security is pretty important these days and the more you know the better.

Information is only useful if you understand it. Unfortunately, most people who use Little Snitch don't understand it. The problem is further compounded by the huge number of false positives it can throw up.

It's not possible to determine the percentage of people who use LittleSnitch who understand it, but certainly there are some, and hopefully they learn a little about what is really happening "behind the screen" that is the operating system known as macOS or OS X or whatever you wish to call it (all operating systems of course, but these forums only address the Mac). How is that not good? More knowledge is helpful in making most decisions in life, and this is no exception.

The operative is "can" throw up - until you create rules that allow the things you feel are OK and only see the attempts to connect that may be indicative of a problem. It's an evolutionary process, and what starts out as a lot of false positives, changes eventually to a situation that warns about possible real problems or hopefully no warnings at all.

What you seem to basically be advocating, is people are not able to learn from previous experience and evolve and learn, and I don't agree with that. If you and any others object to people asking questions about what LittleSnitch warns them about, then the answer seems obvious - don't bother answering. Let them figure it out or get answers from someone who doesn't. LittleSnitch is not a bad or evil program because it makes people ask questions or makes them aware of things they didn't realize are really happening all the time in today's network based computing environment. Ignorance is not bliss and implying that it is, is simply a case of security thru obscurity in my opinion.

Your issue is with Little Snitch, it is recommend you ask this question to their forums, as the developers are entirely responsible for it's functionality.

Apple does not develop that software and is not responsible for how 3rd party software behaves or fails to in OS X.

I didn't mention either the idea of "danger" or "scaremongering" - I attempted to point out informed is better than uninformed. LittleSnitch allows information to be passed along to the computer user. I've been using it for years and I rarely even notice it's there due to the evolution of the rules I've created over that time, and would say that is the case for anyone else who uses the program for any length of time.

I didn't assume anything, merely read your statements about "Unfortunately, most people who use Little Snitch don't understand it" (in both your replies) and "huge number of false positives it can throw up" are simply not provable or correct after the program has been in use for a while. The first statement is simply unprovable and the later is only true when you first install it. It quickly becomes very quiet as you create rules that let it know what is OK and what isn't. Is the effort involved in creating those rules all that difficult or painful or overwhelming. I don't believe so.

As far as the macOS firewall in System Preferences, it is only for incoming connections, not outbound ones. The only options it gives you is to specify which applications you wish to control and only has two options for any application ("Allow incoming connection" or "Block incoming connection"). Is there something I'm missing?

How does that compare to Little Snitch's ability to connect to a particular site based on which browser you're using or to restrict access to a specific port number or any of the other possible ways to allow and restrict connections? Have you even ever used the program for any length of time? If you have and still don't think the program is of any use is one thing, but if you've never used it at all or for any length of time and are simply telling people that it's not worth the effort then that isn't exactly a good position to be advocating from.

I agree that common sense will go a long way in helping to protect people from doing something they shouldn't, but Little Snitch is a way to help ensure that it doesn't happen by accident.

Perhaps it's best to say we just simply disagree about whether Little Snitch is of any help or not, and let people decide for themselves which way they like their computers to behave.

dot.com wrote:

I didn't mention either the idea of "danger" or "scaremongering" - I attempted to point out informed is better than uninformed. LittleSnitch allows information to be passed along to the computer user. I've been using it for years and I rarely even notice it's there due to the evolution of the rules I've created over that time, and would say that is the case for anyone else who uses the program for any length of time.

I never said that you were scaremongering. If you wish to included yourself in "some people", that's your call, not mine. Yes, we should agree to disagree as you seem to not understand what I'm saying at all. You are inferring that I've never used Little Snitch and, therefore, I shouldn't say anything. I'm not sure I ever said I don't use Little Snitch.

I still maintain that, for most people, the effort required to set up Little Snitch and to understand the information it reports back is not worth the effort. There are far more useful ways to spend what, for most of us, is limited time on dealing with personal security.

I didn't infer anything - I asked explicitly if you use the program. You've danced around the issue in several replies without ever saying you have or haven't. So which is it - have you actually used it for more than a few minutes and if you have then can you sincerely say that it still throws up as you say "huge number of false positives"? Perhaps you need to review the settings in Little Snitch and make sure your rules are doing what you thought they were. If you don't or haven't used it then perhaps you might want to give it a try before trashing the program.

I understand what you're saying just fine - just don't agree with it. All you do is imply or infer things that I never said and leave it at that. If you want to say something at least base it on the facts in this conversation, not a guess about someone's motive or your personal like or dislike of any third party app.

Little Snitch is a tool - no more and no less. It's not gonna solve every possible issue that can put you in jeopardy, but for what it's designed to do, it does it very well and is something that should be considered. You can use it or not. Some people like it and some don't.

Have a nice day...

not might be, it is, the problem is entirely with Little Snitch, entirely. I've dumped it from dozens of systems, it is disaster-ware. If you continue to use it that is your decision, if you continue to believe it then you put your faith in developers I have learned to dismiss as responsible ages ago but again the failure of this software is entirely the fault of the developers. Apple is not going to fix their software so it's copacetic with someones 3rd party blunder. However if you feel Apple is obligated to you or the developers of LS then go here

apple.com/feedback