[highercenter]

I got hacked, felt paranoid, made an app... Yeah right!

This app is not a one man show! This app, with all it's license stuff, backdoors etc.. all ready to know a lot of all your network traffic going in and out, and you agree upon all this when you install it. Now YOU got hacked! Or do you think the app will also show in detail what data they store and share on their servers and third parties and more?

767 point and counting on HN, amazing...

Good luck!

[diminish]

I feel paranoid, too:

Surprise HN; I'm trying to grasp why this is upvoted so high (1) This submission has a reddit style storified title but doesn't link to the story (2) Uses the word "app" , to catch the mobile crowd, which for Windows wasn't used traditionally (That also explain the top comment, which is about aesthetics) (3) seems to suggest the problem is solved the first time, despite the fact that there are dozens of similar apps, commercial, free or open source.

[Kudos]

It is the best looking and best presented Windows app I can remember seeing. Can you show me a single app with similar functionality that is presented as well as this?

[Nilzor]

Why is that relevant? _diminish_ points out misleading marketing in the HN post title. It aggrevates me as well, even though the presentation on their web site is nice and all that.

_edit_: I can see that your post is relevant with regards to (3) - "problem solved for the first time". They may have some features that no others have, such as alerts. There are many similar apps though. One example: Netlimiter http://www.netlimiter.com/

[Kudos]

You're ignoring the aesthetics of the app and the marketing. It stands apart because of it.

To give you an anecdotal idea of how compelling that can be, I booted my gaming Windows machine just to take a closer look at it.

[drzaiusapelord]

Not to mention, this kind of app does us no good. Its another little snitch clone. Joe End User isn't making heads or tails of this. Why would he want to?

What I want is a simple no-worry IDS/IPS I can install on easily on Win or OSX machines. Have it use the rules Snort uses. Make it dead simple to install. Now I don't have to spend hours digging through logs or graphs by apps like these. The IDS/IPS just stops hackers from entering. I'm a sysadmin and I run IDS and its a game-changer for us. Yet somehow in the home user space, its non-existant.

No idea on how bad the licensing on those Snort rules is, but a 1-click WinSnort that auto-updated itself would be a game changer. I find it amusing that everyone lives in fear of Cryptolocker when a simple rule can detect Cryptolocker traffic and deny it access to the mothership to generate a key. No key, no encryption.

I could see this evolving into a smart firewall type app on top of these static rules. It could say, "Hey why is guy downloading an unsigned exe from a computer on the botnet list? I'll block that." Or "why is this guy sending out suddenly smtp connections to thousands of servers. I'll just block that."

[raesene4]

For me, I don't think that applications like this are targeted at "Joe End User" more at technical people who would like more information about what network connections are happening from their machine.

Personally I've been looking for a little snitch equivalent for Windows for a while now and this one seems like a good starting point.

I think that the problem you might have with IDS/IPS for end user machines is similar to the problems that end users would have with this kind of software. Namely when it blocks/alerts it's very hard to translate the reason for the block (a SNORT rule) into something that's meaningful for a non-technical user.

the alternative is just to silently block, but that leaves the user with a problem whenever there is a false positive (which is a fairly large problem with network IDS/IPS in my experience)

[drzaiusapelord]

You could say the same thing about AV software. Just log events in a tray application. False positives are simply going to happen. They happen with everyday AV. Well written rules won't have this issue often and for end users it'll be edge cases they don't have to worry about. If it is a serious case they can call their tech savvy son for help, just like they do now with all other issues.

[raesene4]

I'm all for caution when it comes to installing software, but it seems in your comment that you're suggesting that this software is actually malicious.

Do you have any evidence of malicious intent/execution from this software, or this just your presumption based on their marketing?