RSS

Tag Archives: little snitch

Google Drive – cannot sign in

25 Apr

I’ve been having trouble signing into my Google Drive and I finally figured it out.

(a) Google started updating my account several hours ago. Or maybe not. Anyway, I went to http://drive.google.com and signed up for notification. I assume that maybe this put me on a list somewhere.

(b) I finally received my invitation and a link to download and install google drive desktop app. And so I did.

(c) When I launched Google Drive… (1) it took a while to load and to show up on the task switcher. (2) when the login screen was displayed the account/email address was pre-filled and I only had to enter my password.

However, no matter what I entered the screen never processed my password. I tried downloading a fresh copy and then re-installing it. Sadly that had no effect.

There was a HELP link on the login screen. When I clicked on it my network monitoring program, little snitch, complained that an app was trying to access the network. What caught my attention was that there were some video artifacts that suggested that there was something shared between Google Drive and Google Chrome.

(d) I quit google Chrome

(e) restarted Google Drive and was able to signin

(f) restarted Google Chrome.

Now everything is working well. I’m not certain what happened… My intuition suggests that there must have been a shared library or install file that collided. Anyway it’s syncing now.

 
Leave a comment

Posted by on 2012/04/25 in architecture, Tools

 

Tags: ,

Little Snitch – Network Monitoring

25 Mar

One of the really neat features of Little Snitch(LS) is that it has a small dashboard that indicates the network i/o for a particular destination. There is a console version of that feature for the Linux set called iftop (there is a version for OSX too). But as I sit here considering LS I’m thinking that it was good in it’s time be that is not the case right now.

LS has a “rules” engine where you specify the application and what remote systems it can connect to. But as I look at the rules they are all enabled. So what benefit is it?

In order to install the OSX version it’s best to have already installed MacPorts. Then install iftop.

sudo port install iftop

(clearly you need root/admin access to your OSX system).

Once you have iftop installed you can launch it with:

sudo iftop

You need root access because intercepting the network packets requires root access.

 
Leave a comment

Posted by on 2012/03/25 in Tools

 

Tags: , ,

iterm2, tmux and the ever-present security

02 Mar

Being a freelance consultant I worry a lot. I worry that I might lose or misplace my laptop or worse that it falls into the hands of someone with less than honorable intentions. Of course you might also install a trojan, be attacked by a virus through multiple vectors.

As a result my clients’ secret sauce falls into the wrong hands; or maybe my family’s private information is leaked like credit cards or SSN.

This and far worse is possible. Unfortunately there are no absolutes. Not even if you built your OS and applications from scratch. First of all there is not enough time to code review everything you’d need. You are probably not a programmer and if you are there is only a slim chance that you can code everything from a video device driver to a web server and a word processor. (there are only a few on the planet and I’m certainly not one of them).

So the best way to protect yourself is a layered approach.

  • Pay for your hardware from somewhere reputable; HP, Dell, Apple.
  • Pay for your operating system or at least get it from a source with a profit motive. Red Hat, Fedora, Ubuntu, CentOS, Microsoft or Apple.
  • When you are installing Free software. Look for the profit motive. If you find one then it might be safe. If not then avoid it and look for one to pay for. OpenOffice is a good choice because it was once part of Sun but before that it might have been questionable.
  • The same can be said for websites, RSS feeds, torrents and so on.
  • And have some checks and balances. For example I use little snitch and Apple’s firewall software to make sure that applications running on my computer do not have random access to the internet.

The profit motive is a strong magnet. It’s what drives the thieves and it’s also what will protect you.

So as I sit here playing with iTerm2, which I have been using for a long while, and tmux and I’m starting to get a case of butterflies. I’m confident that these programmers are good and lawful but I don’t know them personally. The fact that one of them could put in a key logger and then stream that data to their servers make me sick. (hopefully little snitch will catch it but it’s not foolproof.)

Anyway, practice safe computing.

 
2 Comments

Posted by on 2012/03/02 in security

 

Tags:

Apps need to ask permission to use the address book

15 Feb

In a recent techcrunch article the author suggests that OSX should prompt the user when an app wants to access your address book. I initially thought that this was a good idea… but that did not last long. If you’ve used a recent version of Windows you’ve been prompted a hundred times a second for one permission or another.

There is no doubt that we need to have our apps sanboxed but the price is going to be a lot of user friction and could ultimately cripple OSX. I think I’d prefer something like little snitch.

 
2 Comments

Posted by on 2012/02/15 in architecture, security, social networking

 

Tags:

 
One Page Docs

Creating a library one page at a time.

One Page Bugs

Reducing the friction of writing and fixing bugs or features.

Follow

Get every new post delivered to your Inbox.

Join 223 other followers