Not so long ago, an acquaintance insisted that he didn't need "uploads" for his internet connection, because he was only downloading things and therefore, it was waste of money and capacity.

The internet doesn't work like that though: it's a two-way system where your computers send as well as receive data. Without "uploads" there would be no "downloads".

Nevertheless, when most people talk about their internet connection, they think of what is being received, and not so much what they send.

Security measures such as firewalls are usually aimed at limiting access to users' computers, to prevent evil hackers and malware from poking at these.


Data going in the other direction, leaving your computer, is just as important and can pose significant risks as well. This is a neglected area of computer security: if your requests for information, or the data you send like important emails, or while visiting government or bank websites is captured, they can be used for surveillance.

Intercepted data can also be subverted so that you think you're talking to the right server, but your computer is in fact chatting with a digital miscreant's machine that's hijacking your communications.

iPhone SE and new iPad Pro - small but better value
Juha Saarinen: IT plans need open-source solutions
Juha Saarinen: 'Locky' ransomware strikes

Unfortunately, it's difficult to monitor and control what leaves your computer and how it does it, something that was driven home when I tried out the Little Snitch application from Australian coders Objective Development.

Little Snitch costs 30 euro for a single-user license, runs on Apple's OS X operating system, and reveals with painful clarity how chatty the applications and software on your computer are.

Booting up my MacBook triggered some 80 outgoing connection alerts from Little Snitch.

Most of them are harmless and required to use cloud services, to check for updates and to find servers on the internet. You could use those connections though, to locate my computer.

The sheer amount of outgoing connections was surprising, especially since I've tried to keep the amount of software installed on the MacBook low.

One thing that concerned me was that while the majority of system services connect via secure and encrypted data streams, a small number would talk to internet servers in clear text.

That's something you don't want to happen when for instance you connect via public Wi-Fi, and other, unknown people share the network you're on and Little Snitch lets you deny those connections (it does break some apps in the process).

Opening emails too caused masses of connection attempts via embedded images and other objects in those nicely formatted messages. These can be used to track when you open emails and where. Spammers and marketers quite happily use that technique to check if email accounts are "alive" and their messages are being read - Little Snitch can detect those and other malicious connections, and let you block them which is great.

Little Snitch requires a reasonable understanding of the internet and the communications protocols used on it. If you're that way inclined though, it's a great tool. Being able to see which app does what over a network, and Little Snitch makes it easy to observe all the network activity (it monitors incoming connections too), is both fascinating and disconcerting as it's not something you'd be aware of normally.

What Little Snitch showed was just how many potentially risky digital spoors your typical internet user leaves, just by switching on a computer. Now add together similar data from billions of other users using internet connections, collected automatically and stored for easy analysis, and you have a pretty comprehensive and potentially dangerous tracking system.

That's great for "surveillance capitalists" and government spies alike, but it could be a serious threat to privacy and the United States recently started worrying about it.

New Zealand is actually ahead of the game here, the Privacy Commissioner's office told me. We have a telco Privacy Code in effect that strictly limits what user and usage information can be gathered, down to the data packet level.

Such restrictions are arguably better than technical solutions that block communications that you're not sure of indiscriminately and have the potential to hobble the internet for users. It is an ongoing discussion though that the whole internet needs to have, because getting it wrong could have some rather nasty consequences.