I always worry about tools like this, maintained by small teams, that are so universal that even if only a small fraction of installs are somehow co-opted by malicious actors, you have a wide-open attack surface on most tech companies.
E.g. iTerm, Cyberduck, editors of all shades, various VSCode extensions, etc.
Similarly I worry about how these apps automatically update themselves. I know it can be done securely. I also doubt that these companies invest the engineering effort to do so.
If you think large companies are somehow immune to this, you’re gonna have a bad time.
I don’t get it, why don’t you all—absolutely all of you reading—use Little Snitch? [1]
It really doesn’t compute in my head why any macOS user would not use a network firewall like this, or similar, to block unwanted outgoing HTTP(S) requests. You can easily inspect the packet with tools like Wireshark or Burp Suite Professional (or Community) edition, or any other proxy tool, of which there are many in the macOS ecosystem.
And this is not unique to macOS; this is all possible in Windows, Linux and any other OS.
[1] https://www.obdev.at/products/littlesnitch/index.html