Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Transmission, Little Snitch and security

Stormz

Stormz

macrumors regular
Original poster
Aug 21, 2007
132
184
I'm new to torrents and looking for some advice. For a short while I've been using Transmission to share files, but now I'm wondering if I've been leaving myself open to security risks, and how I should minimize that. Until now, when I open Transmission, I get a Little Snitch alert saying something like

Transmission wants to connect to SomeServer.com on TCP port 1234
Allow or deny connection:
once?
until Transmission quits?
forever?

Condition:
Any network connection?
Same port?
Same server?
Samer server and port?

Deny until Quit?
Allow until Quit?

I've found that unless I allow any network connection until Transmission quits, then it becomes un-usable with all the Little Snitch boxes opening up continuously alerting me about a different port and server it wants to connect to. The only way to avoid having to deal with Little Snitch every few seconds seems to be to allow any network connection until the program quits.

From a security point of view (and from the point of view of how you guys usually use Transmission) - is this really what I should be doing, allowing any network connection?

For the record:

OS X 10.4.11,
connecting to wireless router via Airport,
Firewall on router
Mac firewall on
Mac sharing prefs: only personal file sharing turned on (and under the Firewall tab, something called Network Time ticked); internet sharing off.
 
Yes, for bittorrent Outgoing traffic, you'll need to allow at least TCP traffic to any IP address on any port number, because you just don't know who you'll be connecting to or on what port they'll be using.

As transmission is a trustworthy app, I just leave it as ANY ANY always.
 
Tallest Skil said:
The idea that an application primarily designed for piracy (and which is now capable of infecting your computer with at least two very easy to find trojans) would be considered trustworthy.

Sure, it's a stable app, but still.
Click to expand...

Okay to put it another way, it's as trustworth as any other Mac bittorrent client. There have been more potential security threats from Safari and QuickTime in the last year than have been reported about Transmission - which by the way is one of MacWorld's 'Gem' applications.
 
Tallest Skil said:
The idea that an application primarily designed for piracy (and which is now capable of infecting your computer with at least two very easy to find trojans) would be considered trustworthy.

Sure, it's a stable app, but still.
Click to expand...

FUD.

It's not like Transmission has suddenly become untrustworthy, it's the same app that it was x weeks ago.

What's changed recently is our ability to take at face value the contents of some torrents (namely the 2 x illegal torrents that we are aware of.)

It's not like it's Transmission infecting your machine with Trojans, it's the rogue code that's doing the damage. Transmission won't magically infect your machine, the Trojan still requires some user input (admin privileges) to execute.

There are plenty of legitimate BT uses, so to say that Transmission is primarily designed for piracy is a bit of a stretch. (Though I will concede that it's most often used for piracy!)

The recent threats are nothing that a Mac user with Basic Internet Common Sense can't avoid.
 
RemarkabLee said:
Yes, for bittorrent Outgoing traffic, you'll need to allow at least TCP traffic to any IP address on any port number, because you just don't know who you'll be connecting to or on what port they'll be using.

As transmission is a trustworthy app, I just leave it as ANY ANY always.
Click to expand...
Ah right, thanks Lee, glad to hear that.

This is probably going to sound like a stupid question (I know I need to learn more about this stuff), but how do I know that any peers I'm seeding files to can't also access stuff elsewhere on my hard drive? For instance, I keep a special downloads folder on my desktop for all Transmission file downloads. Do I need to do anything else to prevent people from accessing stuff outside this folder?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back