Internet Access Policy

The classic Research Assistant contains information on many system processes in macOS and several third party apps. We have researched this information on our own. Keeping it up to date is not feasible because new apps and updates to existing apps are released constantly. As a result, the information in the database becomes outdated quickly.

To close this gap we’ve introduced the Internet Access Policy (IAP) in Little Snitch 4. This allows third party app developers to bundle a policy file with their app that contains information about the Internet connections the app establishes and what purpose they serve. Little Snitch uses this information to help you decide whether to allow or deny a connection.

An example

Let’s assume you’re using LaunchBar. After a while of using it a Little Snitch connection alert appears (if you’re using alert mode). How do you know whether to allow or deny this connection?

That’s where the Internet Access Policy comes into play. Little Snitch’s Research Assistant shows information about this particular connection directly in the connection alert: What the app does, why it needs that connection and what would happen if you denied it.

The information written by the app’s developer explains what’s going on. In this case, it even explains that you could disable automatic software update checks to prevent the app from trying to connect to the update server in the first place. With this information, you’re in a better place to decide what to do with this connection attempt.

A software update check may not be critical to an app’s functionality, but other connections could be. Therefore, the Internet Access Policy gives developers a chance to ask you if you’re really sure that you want to deny a connection – even if you don’t expand the Research Assistant.

All this information is available in every component of Little Snitch where you can allow or deny connections: In the connection alert, the Network Monitor and the Configuration.

Designed for privacy and security

The Internet Access Policy works exclusively with information bundled inside applications. It uses no Internet connection and does not send any data to any server.

Before showing any information from the Internet Access Policy, Little Snitch makes sure it was not modified since it was written by the app’s developer. To do this, Little Snitch checks the app’s code signature by leveraging security functionality built into macOS.

Also, the Internet Access Policy only contains information – there is no way to allow or deny connections automatically. You are always in control.

What you can do if an app does not include an IAP

Our vision is that as many apps as possible will contain an Internet Access Policy. Users of Little Snitch will benefit by having an easy way to know why a connection is established and what consequences denying it would cause. And developers can show a willingness to be transparent about where their apps connect to – which will surely reflect well on them.

If an app you’re using does not currently include an Internet Access Policy but you would like it to, here’s what you can do:

• If you’re a Little Snitch user: Contact the developers of the app and point them to this page so they can learn about IAP and how they can add one to their app.
• If you’re an app developer: Visit the developer documentation and find out how to add an IAP to your app.

Was this help page useful? Send feedback.
© 2016-2024 by Objective Development Software GmbH