Transmission, Little Snitch and security

Discussion in 'Mac Apps and Mac App Store' started by Stormz, Feb 4, 2009.

  1. Stormz macrumors member

    Stormz

    Joined:
    Aug 21, 2007
    #1
    I'm new to torrents and looking for some advice. For a short while I've been using Transmission to share files, but now I'm wondering if I've been leaving myself open to security risks, and how I should minimize that. Until now, when I open Transmission, I get a Little Snitch alert saying something like

    Transmission wants to connect to SomeServer.com on TCP port 1234
    Allow or deny connection:
    once?
    until Transmission quits?
    forever?

    Condition:
    Any network connection?
    Same port?
    Same server?
    Samer server and port?

    Deny until Quit?
    Allow until Quit?


    I've found that unless I allow any network connection until Transmission quits, then it becomes un-usable with all the Little Snitch boxes opening up continuously alerting me about a different port and server it wants to connect to. The only way to avoid having to deal with Little Snitch every few seconds seems to be to allow any network connection until the program quits.

    From a security point of view (and from the point of view of how you guys usually use Transmission) - is this really what I should be doing, allowing any network connection?

    For the record:

    OS X 10.4.11,
    connecting to wireless router via Airport,
    Firewall on router
    Mac firewall on
    Mac sharing prefs: only personal file sharing turned on (and under the Firewall tab, something called Network Time ticked); internet sharing off.
     
  2. RemarkabLee macrumors 6502a

    Joined:
    Nov 14, 2007
    #2
    Yes, for bittorrent Outgoing traffic, you'll need to allow at least TCP traffic to any IP address on any port number, because you just don't know who you'll be connecting to or on what port they'll be using.

    As transmission is a trustworthy app, I just leave it as ANY ANY always.
     
  3. Tallest Skil macrumors P6

    Tallest Skil

    Joined:
    Aug 13, 2006
    Location:
    1 Geostationary Tower Plaza
    #3
    It's always good to start the day off with humor. Thanks!
     
  4. RemarkabLee macrumors 6502a

    Joined:
    Nov 14, 2007
    #4
    Am I missing something?
     
  5. arkitect macrumors 601

    arkitect

    Joined:
    Sep 5, 2005
    Location:
    Bath, United Kingdom
    #5
    Whatever it is I am missing the "humour" as well…
     
  6. Tallest Skil macrumors P6

    Tallest Skil

    Joined:
    Aug 13, 2006
    Location:
    1 Geostationary Tower Plaza
    #6
    The idea that an application primarily designed for piracy (and which is now capable of infecting your computer with at least two very easy to find trojans) would be considered trustworthy.

    Sure, it's a stable app, but still.
     
  7. RemarkabLee macrumors 6502a

    Joined:
    Nov 14, 2007
    #7
    Okay to put it another way, it's as trustworth as any other Mac bittorrent client. There have been more potential security threats from Safari and QuickTime in the last year than have been reported about Transmission - which by the way is one of MacWorld's 'Gem' applications.
     
  8. vandozza macrumors 6502a

    vandozza

    Joined:
    Jun 14, 2006
    Location:
    Australia
    #8
    FUD.

    It's not like Transmission has suddenly become untrustworthy, it's the same app that it was x weeks ago.

    What's changed recently is our ability to take at face value the contents of some torrents (namely the 2 x illegal torrents that we are aware of.)

    It's not like it's Transmission infecting your machine with Trojans, it's the rogue code that's doing the damage. Transmission won't magically infect your machine, the Trojan still requires some user input (admin privileges) to execute.

    There are plenty of legitimate BT uses, so to say that Transmission is primarily designed for piracy is a bit of a stretch. (Though I will concede that it's most often used for piracy!)

    The recent threats are nothing that a Mac user with Basic Internet Common Sense can't avoid.
     
  9. arkitect macrumors 601

    arkitect

    Joined:
    Sep 5, 2005
    Location:
    Bath, United Kingdom
    #9
    But still… what exactly?

    Transmission now infects Macs?
    Does it?
    :rolleyes:
     
  10. Stormz thread starter macrumors member

    Stormz

    Joined:
    Aug 21, 2007
    #10
    Ah right, thanks Lee, glad to hear that.

    This is probably going to sound like a stupid question (I know I need to learn more about this stuff), but how do I know that any peers I'm seeding files to can't also access stuff elsewhere on my hard drive? For instance, I keep a special downloads folder on my desktop for all Transmission file downloads. Do I need to do anything else to prevent people from accessing stuff outside this folder?
     

Share This Page