KSFetch Annoyance on Mac OS X 10.8 ML with ‘Hands Off’ or ‘Little Snitch’ Firewall.

So you have some firewall on your Mac OS X setup, and it nags about 4 times a day about wether you want to grant KSFetch access to the net. Thats the thing that has been bugging me for months and finally decided to figure out a way to sort out this little menace.

As it turns out, this is a common issue with an ongoing discussion in several places across the web, namely here and on here at google groups.

KSFetch is a process for autoupdating of any and all google products installed on your system. Chrome being one of the most popular. Unfortunately, KSFetch is recreated each time it wants to check for updates and placed in a new directory, part of which is randomised. The randomised part of it means your firewall won’t know of it every time a new one is created even though you may have selected ‘always allow’ or ‘always deny’ because its looking at the wrong directories due to the nature of the random string in each. This results in your firewall having a ridiculous list of KSFetch entries in it and a continual nagging from your firewall about wether to allow or deny.

Another aspect to the issue is that, not only can we not block programs that keep moving and re-spawning in new locations effectively in our firewalls but that it does it every single bloody hour as the default. Its insanity.

We have only but a few options. The first of which is to change the respawn time through a configuration option that is available for setting its spawn interval, the second option is to uninstall every single google product on your system. Great choice huh?

You cannot remove the updater apparantly because if you do, any installed google product you have will reinstall it. So basically your trusted google software is acting like a virus/malware. Awesome.

This is what you need to type into terminal to change the interval:

This one is for 24 hours.
$ defaults write com.google.Keystone.Agent checkInterval 604800

This one is for 7 days
$ defaults write com.google.Keystone.Agent checkInterval 4233600

The interval is measured in seconds, so thats the examples i gave above for some good defaults you could use, which should mitigate the annoyance and frustration of the issue. Ultimately though, google is at fault for implementing such a bizarre and incredibly annoying approach to solving a rather simple problem that stubbornly won’t play well with firewalls, won’t allow itself to be removed without removing all google products and that creates new instances of itself for each updater check.

22 thoughts on KSFetch Annoyance on Mac OS X 10.8 ML with ‘Hands Off’ or ‘Little Snitch’ Firewall.

  1. Thanks for that info. I’ve been getting reminders about once an hour. Until now I have denied access to the net, but I guess I will have to allow. I have used your script to increase the interval to 24 hours. Hopefully that will lessen the annoyance.

  2. Thanks. I had removed all Google software because it was so annoying and stressful to keep being interrupted in the middle of work by the ksfetch pop up. Every time it’d pop and I’d have to stop what I was doing, all I could think was I F-in hate Google. They really need to fix this. What a stupid design decision on their part. It is a virus-like behavior.

    Thank you for the tip!

  3. the numbers are off by a factor of 7; 604800 seconds is 7 days, the other one is 49 days. for a 24 hour interval, use 86400 seconds.

    i fully agree with everything else in this post 🙂

  4. Solution at http://www.wardt.info/little-snitch-and-ksfetch/   Basically, wildcard the path.

  5. @thisdoor make sure you don’t include the $, the $ is just to show its on the command line.

    So just type this:

    defaults write com.google.Keystone.Agent checkInterval 4233600

  6. @Aaron that solution will not work with ‘Hands Off’ because hands off does not allow you to edit the location of the program and use wildcards with it.

  7. Pingback Zapytania procesu KSFetch | Michał Dziadkowiec
  8. Thank you very much for sharing your solution, ksfetch nagging was driving me insane.

    Does anyone know why Google chose this approach to update their software?  I’d love to know their reasoning for this particularly user-hostile design.

  9. This: https://discussions.apple.com/message/19432025#19432025 seems to be the best solution for Hands Off!.

  10. just make the rule like this, problem will be solve.



    into the rules. and allow all connections.

  11. Use TCPBlock (tcpblock.wordpress.com) which is still free for now. You can black-list selected apps and background processes. Or you can block everything and white-list only the ones you want, just launch them one by one and click “Insert”. When white-listing, in addition to your primary apps be sure to add the core background processes such as (depending on your version of OSX):
    com.apple.geod (Maps)
    com.apple.WebKit (Safari)

  12. Pingback » Apple:Keystrokes getting eaten randomly
  13. I found this some where and it works like a charm.
    Locate google update folder.
    Get info = command i, or File/Get Info.
    Change permisions to “read only”.
    Lock folder = checkbox “Locked”.


    Need to update something?
    Reverse procedure.

  14. The original link to Richard Wardt van Duijvenbode’s fix for Little Snitch is broken. Here is a copy of his fix courtesy of the Wayback Machine:

Leave a Reply