Research Assistant / Internet Access Policy
Little Snitch it the tool to control which process can connect to which server. But how do you know what purpose the connection has and whether you should allow or deny it? This is where the Research Assistant comes into play. It is made to provide exactly this information.
The source of this info is two-fold and the Research Assistant always tells you where the it came from:
- Software developers can describe the purpose of connections in a file within the app. We call it “Internet Access Policy” (IAP). If such a file is available and correctly signed by the developer, Little Snitch displays the relevant section in the Research Assistant.
- For Apple system processes and other popular software, a default IAP is bundled with Little Snitch.
The Research Assistant is available
- in the connection alert, using the current connection’s properties,
- in Network Monitor, using the common properties of the currently selected line(s) and
- in Little Snitch Configuration, using the common properties of connections matched by the selected rule.
Note that the Research Assistant may be more accurate in the connection alert because every detail of the connection is available. Network Monitor and Little Snitch Configuration work with classes of connections only.
That’s where the Internet Access Policy comes into play. Little Snitch’s Research Assistant shows information about this particular connection directly in the connection alert: What the app does, why it needs that connection and what would happen if you denied it.
The information written by the app’s developer explains what’s going on. In this case, it even explains that you could disable automatic software update checks to prevent the app from trying to connect to the update server in the first place. With this information, you’re in a better place to decide what to do with this connection attempt.
A software update check may not be critical to an app’s functionality, but other connections could be. Therefore, the Internet Access Policy gives developers a chance to ask you if you’re really sure that you want to deny a connection – even if you don’t expand the Research Assistant.
Designed for privacy and security
The Internet Access Policy works exclusively with information bundled inside applications. It uses no Internet connection and does not send any data to any server.
Before showing any information from the Internet Access Policy, Little Snitch makes sure it was not modified since it was written by the app’s developer. To do this, Little Snitch checks the app’s code signature by leveraging security functionality built into macOS.
Also, the Internet Access Policy only contains information – there is no way to allow or deny connections automatically. You are always in control.
What you can do if an app does not include an IAP
Our vision is that as many apps as possible will contain an Internet Access Policy. Users of Little Snitch will benefit by having an easy way to know why a connection is established and what consequences denying it would cause. And developers can show a willingness to be transparent about where their apps connect to – which will surely reflect well on them.
If an app you’re using does not currently include an Internet Access Policy but you would like it to, here’s what you can do:
- If you’re a Little Snitch user: Contact the developers of the app and point them to this page so they can learn about IAP and how they can add one to their app.
- If you’re an app developer: Visit the developer documentation and find out how to add an IAP to your app.
Was this help page useful? Send feedback.
© 2016-2021 by Objective Development Software GmbH