Understood. But some downloads/uploads happen w/o our knowledge. A keylogger is an extreme example, but such malware can trigger an upload w/o the knowledge of the operator. Perhaps a more pertinent example might be software that needs ancillary files not on your system, depending upon what you're doing. Or Web pages that pull support files from various locations. Those files are downloaded and stored in memory/cache. For instance, I frequently see status bar notifications that a Web site is being contacted for some .js library, or for pulling down advertising material. That's
junk stuff that ends up on my machine w/o my direct knowledge. I want to know about it. And if there is something on my system that is phoning home when I use it, I want to know about that. So this isn't just about stuff I install/installed. It's about stuff I haven't installed, or don't know was installed.
Here's an example. I was working on a Web page for a friend. That page required a .js library, which was being called from some storage site. The page worked on the Web, it worked on my local system in Dragon, Safari, Opera, IE8 (!), but would not work in FireFox. After a lot of research, I pinned that down to the fact that FireFox had an earlier version of the library in cache and was using that instead of downloading a new copy. OK, proper browser behavior. But it broke the [local] page. And it took me about ten (10) days to discover that. If I'd had a [configured] download log, I could have discovered that in a day or two. And I've had similar problems with local software that needed to use a plugin on the fly using a cached copy rather than grabbing the latest version - or grabbing the latest version instead of using the cached copy.
Problem resolution in such instances would be much faster if I could configure some application to monitor all traffic involving certain file names/extensions, e.g., .js, .exe, .dll, .zip, and so on.