If Little Snitch is not blocking any outgoing packets, then it is very unlikely that anything nasty is on your computer. Do you use an email service that allows you to log on through a web browser? If so, it's possible he guessed your password and logged in that way.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Am I being spyed on?
- Thread starter rocketjacket
- Start date
- Sort by reaction score
- Status
If Little Snitch is not blocking any outgoing packets, then it is very unlikely that anything nasty is on your computer. Do you use an email service that allows you to log on through a web browser? If so, it's possible he guessed your password and logged in that way.
Drama??? I LOVE!
If you are paranoid that means there is grounds for some drama right? I was spied on by an ex's ex. Yep, sad, but some people are that sad... I took them to court and ask them to forgive each other and leave me alone, I've moved on and they are still stuck in x-universes
Just saying.
I love you all so much!
If you are paranoid that means there is grounds for some drama right? I was spied on by an ex's ex. Yep, sad, but some people are that sad... I took them to court and ask them to forgive each other and leave me alone, I've moved on and they are still stuck in x-universes
Just saying.
I love you all so much!
The gMail account is secure, passwords changed, no forwarding has been set up on the gMail end of things.
But it doesn't matter how many passwords I change, if my keystrokes are being logged he will have all of them as I change them.
Are you saying Little Snitch cant monitor outgoing packets, I am not sure what you mean?
Hi, not sure that you have read through this thread but that is not what I am interested in, I am looking for a way to find evidence and if I wipe the MBP I wont have any.
----------
22 years of posting on message boards, and this is the first time anybody has accused me of being a "troll".
Says a lot more about the OP than it does about me, TBH.
Only 22 years huh, well if the shoe fits, pop on your lil troll shoes and buggar off, because your still trying to cause trouble (thats just what Trolls do).
Anyone with the knowledge level to use terminal in that way, and interpret the results, wouldn't be having to ask this question in the first place...:roll eyes:
----------
Little Snitch should tell you if anything on your machine is connecting outwards, it won't tell you anything historical so you may need to be a bit cunning....
Try using each email account you have used and releasing a tidbit of information that is different via each account. Any information that makes its way to your ex may then tell you the route by which it was gained...you could also look back and see the information you think has been gained, would it have required access to your machine or only a single account....
Most likely, as suggested above, is your email account has been compromised and can be logged into from elsewhere (most email providers provide a webmail portal for instance). Depending on your email provider, they likely have logs and last access timestamps by each access method so you could ask them (after changing your password). If you never use webmail, but webmail has been recently used then that is likely the method that has been used...
I have mixed feeling about responding here myself. OP, some of the people here simply are feeling some hostility. At any rate, I'm going to try to be helpful.
Gmail has an option at the bottom of it's webmail to view the locations and IP addresses that have accessed your accounts. It also gives you the ability to sign out of all the accounts.
Next, I agree with the suggestion of Little Snitch. It will only give you proof that something is going on, not what has gone on.
Lastly I think it's time you fired up the Console and searched for some of the most popular spying tools. There was once a program called CRYSIS that was a really clever spy program that could hide even from these logs though.
Let's say you're being watched. Another avenue would be for you to use a program like Grand Perspective to find the most recently altered files on your computer. I'd image any worthwhile key logger would be making at least daily changes to some file which I assume is recording all your keystrokes and likely images . If this were not the case you'd be using noticeable amount of RAM to contain this information, and perhaps you should use Activity Monitor to, of course, monitor that. While you're at it, go through the list of running processes (only a hundred or so) and see if there are any there (generally with a higher cpu activity - at least 0.1) that you don't recognize.
I can't fathom why you're wanting to store up this information though. You're going to sue him? He deserves it if he is spying, but I'd really just format and install. Do you still love the guy or something? Kick him out of your life already.
Gmail has an option at the bottom of it's webmail to view the locations and IP addresses that have accessed your accounts. It also gives you the ability to sign out of all the accounts.
Next, I agree with the suggestion of Little Snitch. It will only give you proof that something is going on, not what has gone on.
Lastly I think it's time you fired up the Console and searched for some of the most popular spying tools. There was once a program called CRYSIS that was a really clever spy program that could hide even from these logs though.
Let's say you're being watched. Another avenue would be for you to use a program like Grand Perspective to find the most recently altered files on your computer. I'd image any worthwhile key logger would be making at least daily changes to some file which I assume is recording all your keystrokes and likely images . If this were not the case you'd be using noticeable amount of RAM to contain this information, and perhaps you should use Activity Monitor to, of course, monitor that. While you're at it, go through the list of running processes (only a hundred or so) and see if there are any there (generally with a higher cpu activity - at least 0.1) that you don't recognize.
I can't fathom why you're wanting to store up this information though. You're going to sue him? He deserves it if he is spying, but I'd really just format and install. Do you still love the guy or something? Kick him out of your life already.
Then lay a trap. Confirm what you think is happening.
Have you looked into key logging software for OS X to see what could have been installed? If you're this convinced, make a list of key loggers and read their manuals (RTFM
). You can even install them yourself and follow the instructions to remove them.It's good to know what you're looking for.
Go through Activity Monitor and through Terminal, go through the active processes in "top". Pour through your system logs too.
Take a DD image of the drive and reinstall in the meantime. Restore the DD image to another drive and boot from it or use it to mount a VM for your "investigation"
Besides Little Snitch, iStat Menus will also tell you what processes are using network/CPU resources as it pulls the same info as OS X's Activity Monitor.... some "malware/trojans" used for spying will log(documents/browser activity/keylogging) then upload may it be email or cloud storage. You can always lay a trap of disinformation and trick the person into logging into an account which logs IP addresses(ex: GMail, under security you can see a list of past log-ins and IP)
As far as dealing with stalkers/spying, don't choose security questions others can easily figure out or create alt answers. From dealing with past stalkers I've learned having disinformation floating out there makes it harder for others to guess passwords/security questions.
Having said all that, with any friends/love interest if you want to prevent snooping you should use an OpenFirmware password and have a sub-account without admin permissions if you ever decide to allow a friend/love interest to access "shared content"(music/photos). Also never access any personal email/cloud storage on someone elses' computer.
As far as dealing with stalkers/spying, don't choose security questions others can easily figure out or create alt answers. From dealing with past stalkers I've learned having disinformation floating out there makes it harder for others to guess passwords/security questions.
Having said all that, with any friends/love interest if you want to prevent snooping you should use an OpenFirmware password and have a sub-account without admin permissions if you ever decide to allow a friend/love interest to access "shared content"(music/photos). Also never access any personal email/cloud storage on someone elses' computer.
Ha. Love the thread starter.
How rude has one got to be? I hope you don't find a solution because you are so damn rude.
Don't dish out if you can't take it. And what's wrong with a little snark by users huh? Just because Capathy21 didn't help you doesn't mean you have a right to call anyone that made similar posts "tools"
How rude has one got to be? I hope you don't find a solution because you are so damn rude.
Don't dish out if you can't take it. And what's wrong with a little snark by users huh? Just because Capathy21 didn't help you doesn't mean you have a right to call anyone that made similar posts "tools"
Little Snitch monitors all incoming and outgoing connections across the network interfaces of your Mac.
Even if they have installed a key logger, they have to get the data. For that to happen a connection must be made.
At that point Little Snitch will block it and ask you before allowing the connection, that will tell you what programs/apps are connecting in or out.
Whoa whoa whoa, everybody needs to calm down and stay on-topic. Whether or not the OP "deserves" this or not, spying/hacking is not cool in any circumstance.
I once got hacked by my ex as well, and she was the one did the cheating. Did I deserve to get my privacy broken? Nope, and I'd wager we'd all get a little grumpy too.
OP, I'd recommend just upping your security, changing your passwords and ignoring/blocking your ex. Cold turkey often does the trick.
I once got hacked by my ex as well, and she was the one did the cheating. Did I deserve to get my privacy broken? Nope, and I'd wager we'd all get a little grumpy too.
OP, I'd recommend just upping your security, changing your passwords and ignoring/blocking your ex. Cold turkey often does the trick.
If Little Snitch doesn't find anything connecting then I'd lean towards a compromised email account or cloud storage (as you mentioned documents).
You misunderstood completely what I said.
As I said, Little Snitch is overkill.
Instructing on how to open a terminal window and type a proper command (help netstat, for example) does not require any competence on the OP's part, just like copy and pasting the results here.
Unless you think that opening an application, pasting a string, copying a string and pasting it into a forum requires a high level of knowledge, that is.
----------
It will most certainly not tell you anything.
It will tell others vital information that can help.
I have never suggested anyone to buy any software.
Look, I tried to help. But, Bye Bye baby.
You misunderstood completely what I said.
As I said, Little Snitch is overkill.
Instructing on how to open a terminal window and type a proper command (help netstat, for example) does not require any competence on the OP's part, just like copy and pasting the results here.
Unless you think that opening an application, pasting a string, copying a string and pasting it into a forum requires a high level of knowledge, that is.
That would be great but you actually said "Have a look at /Library/LaunchDaemons/, ~/Library/LaunchDaemons/ and /Library/LaunchAgents/. Notice anything?"
What level of knowledge does "have a look at" and "notice anything" need??? Making assumptions about others levels of knowledge doesn't come across as helpful. Ever.
I am not interested in pointing out how to do any of those tasks here now, although it is very, very obvious to anyone who has ever even looked into any *nix OS.
I can only assure you that it doesn't take more effort than two clicks. Which again, you seem to regard as requiring some level of knowledge.
Regards.
There are essentially 2 methods of keylogging. One will log keystrokes and send them over the network connection to a remote computer. This is by far the most common, but also the noisiest. Little Snitch will block these packets unless you allow them.
Another will log the keystrokes and save them to a local file. This is far more covert because there is no network activity, but requires the attacker to have physical access to the computer to retrieve it.
It would be helpful to have more information. Does he have entire documents or just knowledge about what was typed in them? Does he have the actual emails, or just knows what you were talking about in them? Do you get email on your phone? How long and complex is your password for Gmail? Have you installed anything from outside of Apple's store? When was the last time he had physical access to your computer? Does/Did he know your administrator password? Is there anyone else who he may have gotten the information from? How about the recipient of the email? Could they have told him? Were you typing things in these documents and emails that he may have been able to guess, even if he had no access to it?
There are many ways he could have gotten that info without installing a keylogger.
you are right sorry..
i can be an a$$ sometimes sorry..
i know what it is like to really be followed or to be threatened with "you are being followed...", it does make me very paranoid and there is a real shock to the system it is a form of trauma caused.
sympathies
I love you all!!
"There are some very tech savvy people in this site." Agreed, thanks for pointing out the obvious.
" In this case they have obviously gone above your head and you have just shot them down." And where exactly have they gone above my head in this thread? They haven't and you just made a claim that you cant prove. In fact the only thing you have proved is that you struggle with comprehension, hop over to an English forum and study up.
"solution to your paranoia" Again, another claim ... *Yawn*
*Unless you would like to apologise but we all know that is not going to happen*. Apologise for what exactly? Telling the truth to the Trolls like you who have an over inflated opinion of their abilities living in the delusion that they are actually helping? Pfft!
To the people who are actually helping, I am extremely grateful and thankful.
----------
Far out, its not paranoia when you know someone has a document of yours. Some things are just facts! If people were following you, that's not you being paranoid, its a fact that you were followed.
i can be an a$$ sometimes sorry..
i know what it is like to really be followed or to be threatened with "you are being followed...", it does make me very paranoid and there is a real shock to the system it is a form of trauma caused.
sympathies
I love you all!!
The document he had access to isn't something in a Dropbox folder, is it? All it takes is a click to get a shared link to that folder and boom, access to everything in it no matter how many times the content changes. Easy fix too, just move stuff into a private folder and remove sharing for all of it, up to and including removing his access to privately shared folder.
- Status