Little Snitch vs. Hands Off: Which Monitoring Utility is Better?

We live in a world where protecting our privacy isn’t just a matter of principle. Letting your personal information get exposed can harm you financially if your credit card information is obtained, and your credit rating can be damaged if someone steals your identity. Your emails and chat messages can contain sensitive information that you want to ensure only go to their intended recipients.

Our computers hold abundant amounts of personal data that most of us would rather not let get into the wrong hands. You might be surprised to see just how many applications are constantly sending data out of your computer, and it is important to be sure that all that stuff is going to places you trust. Fortunately, there are apps that help us monitor what our computers are sending out, and allow us to selectively block transmissions. Here we are going to look at two excellent apps called Little Snitch and Hands Off that aim to do just that.

What Exactly Do These Apps Do?

Every app that you use on your Mac that sends or receives something, from your email client to your RSS reader, sends certain pieces of data to a server out in the vast ocean of the internet. Most of these apps are ones you can trust, but certain apps may be more suspicious.

You can think of Little Snitch and Hands Off as your spies. Once you tell them who is allowed to communicate with whom, they monitor your outgoing connections and only allow those with the proper permission to actually transmit any data.

User Interface

Little Snitch and Hands Off approach their task in much the same way. Once you launch them, both begin to immediately watch for any app attempting to access data from a remote server. The first time an app does, you will get a dialogue box letting you know who was just caught.

You also get some basic information about what server is requesting the data. Hands Off seems to do a better job of communicating what is going on. For example, it told me that iChat was trying to communicate with “” which is obviously a place I trust. Little Snitch, on the other hand, only said that it was trying to connect with “ on UDP port 16384.” I would prefer to know what that address actually is.

Hands Off gave me very specific information about what iChat wanted to do.

Little Snitch gives you similar options, but with slightly less helpful information.

The two apps then make it very easy to choose what you want to do after being alerted. Both ask you to select whether you want your decision to be permanent, to last only until you quit the app, or just this one instance. Hands Off also adds another option, which lets your decision last until you reboot your computer. Next, both apps give your four options. Little Snitch lets you decide to:

  • Grant the app in question to freely access any connection
  • Grant it access only to the specific port it is requesting
  • Grant it access only to the specific address it is requesting
  • Grant it access to both the address and port it is requesting

Hands Off also has four options, but they are slightly different:

  • Grant access to any domain’s resolving
  • Grant access to any domain’s resolving and outgoing connections
  • Grant access only to the domain in question
  • Grant access to the domain in question and allow outgoing connections

As you can imagine, it can be tedious getting popups at first as the apps have to go one by one through whatever you are opening or might have requesting access in the background. Both apps save all these decisions you make into a menu that is accessible from your menubar. You can see all the apps that have been given permission, and can sort by specific variables.

The menus of these two apps look very similar, but Hands Off (seen here) is slightly more streamlined.

Honestly, it’s shocking just how similar the interface on the menu screen is. Both apps refer to your permissions as “rules,” both allow you to search from the top of the window, both even employ similar graphical themes.

Little Snitch (above) has much of the same functionality as Hands Off, but can be a bit more cluttered.

Winner: Hands Off

Both of these options approach the alert system in a very similar way. I think Little Snitch does the presentation in a slightly more attractive way, but Hands Off breaks down the relevant information for you in a more user-friendly way. Overall, I found the interface of Hands Off to be slightly superior to Little Snatch.

Functionality and Performance

I did a series of tests by opening Little Snitch and Hands Off separately, and then opening several different apps on my computer to see if they both alerted me to the same things. Both performed exactly the same, (and Hands Off was particularly vigilant, even asking me if Hands Off itself had my permission to transmit and receive data). Neither one slowed down my system at all, and a check of the Mac’s built in Activity Monitor showed that both used a very small amount of RAM and processing power.

Hands Off (above) and Little Snitch both run in the background, so you won't need to keep them open.

You don’t just have to wait until you open an app for the first time to set up a rule. Both Little Snitch and Hands Off allow you to manually set up new rules. After choosing the app you want to limit, you can select a specific hostname, IP address, port, and many other options. Hands Off gives you a few more options on this menu than Little Snitch, as shown in these screenshots:

Hands Off gives you a bit more flexibility when creating a new rule.

Little Snitch's new rule input menu is similar, but slightly more limited.

Hands Off does manage to separate itself from its competitor in one important way: it doesn’t just monitor outgoing transmissions, but actually gives you the power to block incoming data as well. Both of these apps are primarily billed as ways to protect your privacy, but the ability to block incoming connections is a valuable weapon to combat threats such as viruses, trojan horses, keystroke loggers and other harmful programs.

If you are worried about someone coming and changing your rules, Little Snitch will let you lock your settings. Such a tool is probably for the most paranoid of users. It is unlikely that the developers saw this as a way for parents to block access of certain apps, since Mac OS X already has this function built in.

A nice addition that both apps have is a pop-out network monitor that shows real-time network activity. The Little Snitch window can appear whenever you mouse over the menubar icon, whereas the Hands Off window requires either a manual selection from the icon’s drop-down menu, or a keyboard shortcut. The menubar icons themselves also give a limited view of network activity.

Little Snitch (left) and Hands Off (right) both have network monitors that can you can open to show real-time information about what apps are actively transmitting data.

These apps are both designed to be background enforcers, and after taking the time to define permissions for your apps, they generally do stay out of the way. Perhaps the most important part of any app like this that has so much control over your system is the off button. Both allow you to either disable all your rules, or just turn them off temporarily. Hands Off gives you that power right from the menubar and via keyboard hotkeys, whereas Little Snitch makes you navigate into the preferences pane.

The preference pane on Little Snitch is where you'll find the disable button. Hands Off has this option accessible from the menubar.

Lastly, one very minor complaint I had with Little Snitch is that it makes you restart your computer after installation. Hands Off starts doing its job immediately.

Winner: Hands Off

The interfaces of these apps were designed in almost identical ways, but the functionality is where some more pronounced differences start to show. I was much more pleased with the way that Hands Off takes their protection a step further by preventing incoming access if needed, and found navigating to certain things like the enable/disable button to be much more user-friendly.


Both of these apps have free and paid versions. The free versions have full functionality, but will automatically shut off after a few hours. Utility apps like these are most effective when they are always running, so I would recommend shelling out for the paid version if you are truly interested in monitoring your apps.

The full version of Hands Off is $25, and the full version of Little Snitch is $30.

Who Wins?

Make no mistake, these are very similar apps that do just about the exact same thing. Neither does anything radically different than the other, so the differences are very subtle.

I think Hands Off is slightly more user-friendly considering the easier navigation for certain tasks, such as disabling the rules right from the menubar. What makes Hands Off the winner for me is the ability to block incoming as well as outgoing connections. Since the two apps are indistinguishable in so many ways, this added functionality pushes it over the top.

For most competing apps, a five dollar price difference isn’t large enough to be much of a factor. However, I think in a case like this where the competitors have such similar products, it should play a part, and my preferred app, Hands Off, is the cheaper one.

Do You Really Need Either?

A natural question to ask about these programs is whether or not you need one. That, of course, is a subjective question. If you are someone who is very concerned about your privacy and are the type of person who doesn’t like sending user data to companies, then these apps are perfect for you. If you are someone who doesn’t just download your apps from the Mac App Store and instead like to download from slightly less reputable places where apps aren’t screened, Little Snitch and Hands Off will definitely benefit you. However, if you are someone that only owns a few apps, all of which come from developers you trust, or you aren’t overly concerned about your personal data being sent to strangers, these apps may be overkill.

Perhaps what could persuade me to use apps like this would be a developer or community driven blacklist that these apps could download and update periodically. If many users have identified a certain app that has proven itself to be untrustworthy, other users could have access to that information for themselves.

What Do You Think?

Now that I’ve shown you what my experience was using these apps was like, we’d love to hear what you think. Is there some particular feature in one of these that makes it the winner for you?