Anyone new to these tools will be horrified at how aggressively Windows tries to violate your privacy with unnecessary data collection, phone-homes, remote calls, etc.
Linux is galaxies better in that regard. I still don’t want anything making any connections without my explicit knowledge and consent though, and there are lots of packages and applications that try to unnecessarily exfiltrate data without asking. If you aren’t using an active firewall, you are leaking.
I second OpenSnitch. It’s the most annoying program i run, but the control it gives you over your outbound connections is so worth it from a security and privacy standpoint.
Once you start and run this you get to truly see how many different URLs are loaded when visiting just one website
Can’t, all corporate hardware and their software, too. Not my problem, but also not my intellectual property being stolen to be used in AI, so eh, NotMyProblemException.
They still work together. Pi-hole is an excellent second line of defense, but an active firewall tells you about what is trying to make connections and asks for your consent. Block lists are great, but they aren’t impenetrable. If you want to know exactly what your device and software are doing, you should also be using an active firewall.
Thanks for that suggestion, I had a passing thought a while back I should look into something like this.
Any problems in your experience? I imagine apps will fail if you’re slow to approve the outbound connection and something times out, so I get all of that, looking more for broader issues this might cause? Specifically wondering about the docker containers I run, all the development nonsense.
Both OpenSnitch and SimpleWall block by default. You can also set a timeout so that if you don’t respond in a certain amount of time they automatically create a permanent block rule. You can also check your rules and activity at any point. If a specific application is misbehaving you can always check its rules and change them, or delete them and start over. They’re very efficient, and get less intrusive over time as you respond to prompts and create more rules.
Not necessarily. These active firewall tools are much more thorough. They tell you any time an application or service is trying to make a connection to anywhere. Block lists are helpful, but still have gaps. These let *nothing *through unless you explicitly allow it, and ask you clearly and immediately when something that doesn’t already have a rule tries.
Doesn’t anyone else use things like OpenSnitch to audit all outgoing connections? I block all phone homes until something breaks, then investigate.
If you are trapped on Windows for some corporate reason, there is SimpleWall.
We’re all friends here, and friends don’t let friends let apps phone home.
Can I subscribe to your newsletter? I want to hear all your other recommendations.
I feel like lots of people here use Linux, where you don’t need to be constantly vigilant of your applications working against you…
Anyone new to these tools will be horrified at how aggressively Windows tries to violate your privacy with unnecessary data collection, phone-homes, remote calls, etc.
Linux is galaxies better in that regard. I still don’t want anything making any connections without my explicit knowledge and consent though, and there are lots of packages and applications that try to unnecessarily exfiltrate data without asking. If you aren’t using an active firewall, you are leaking.
I second OpenSnitch. It’s the most annoying program i run, but the control it gives you over your outbound connections is so worth it from a security and privacy standpoint.
Once you start and run this you get to truly see how many different URLs are loaded when visiting just one website
Can’t, all corporate hardware and their software, too. Not my problem, but also not my intellectual property being stolen to be used in AI, so eh,
NotMyProblemException.Does running pi hole make this redundant, or are they solving different problems?
They still work together. Pi-hole is an excellent second line of defense, but an active firewall tells you about what is trying to make connections and asks for your consent. Block lists are great, but they aren’t impenetrable. If you want to know exactly what your device and software are doing, you should also be using an active firewall.
This is cool, thanks.
Thanks for that suggestion, I had a passing thought a while back I should look into something like this.
Any problems in your experience? I imagine apps will fail if you’re slow to approve the outbound connection and something times out, so I get all of that, looking more for broader issues this might cause? Specifically wondering about the docker containers I run, all the development nonsense.
Both OpenSnitch and SimpleWall block by default. You can also set a timeout so that if you don’t respond in a certain amount of time they automatically create a permanent block rule. You can also check your rules and activity at any point. If a specific application is misbehaving you can always check its rules and change them, or delete them and start over. They’re very efficient, and get less intrusive over time as you respond to prompts and create more rules.
Lulu is a good FOSS alternative for Macs. LittleSnitch is good too but proprietary (that’s where OpenSnitch got its name)
I did not know about this before, bookmarking the OpenSnitch github so I can try it out on my PC later
TIL.
Is this redundant with DNSBL?
Not necessarily. These active firewall tools are much more thorough. They tell you any time an application or service is trying to make a connection to anywhere. Block lists are helpful, but still have gaps. These let *nothing *through unless you explicitly allow it, and ask you clearly and immediately when something that doesn’t already have a rule tries.