Little Snitch 5 Released for macOS Big Sur With New Design, Improved Network Traffic Monitoring, and More

[MacRumors]

Austrian developer Objective Development today announced the release of Little Snitch 5, a major new version of its popular network monitoring utility on the Mac. Whenever an app attempts to connect to a server on the internet, Little Snitch shows a connection alert, allowing you to decide whether to allow or deny the connection.

The headline new feature of Little Snitch 5 is integration of new network filter technologies introduced in macOS Big Sur. Objective Development says the app's underlying engine was rebuilt to replace the previous kernel extension-based approach, which is no longer supported by macOS. The app has also been redesigned for macOS Big Sur.

Little Snitch 5 now captures connection information in the background. The app no longer requires the Network Monitor application to be running in order to collect this information, resulting in reduced memory and CPU consumption. The new monitoring system is now capable of holding traffic information from up to one year ago, versus one hour previously.

System administrators now have the ability to configure settings via a command line interface, making Little Snitch scriptable for the first time. This interface provides both historical and real-time log data of all network connections.

The app has also moved to drag-and-drop installation, meaning that restarting is no longer necessary for installation or updates.

Little Snitch 5 is available now on Objective Development's website for $45 per individual license. Existing customers who purchased Little Snitch 4 after November 1, 2019 can upgrade to Little Snitch 5 for free. Customers who purchased Little Snitch 4 prior to November 1, 2019 are able to purchase Little Snitch 5 for a reduced price of $25.

Little Snitch 5 requires macOS Big Sur. Users still running macOS Catalina or older can still purchase and run Little Snitch 4, which includes a free update to Little Snitch 5, giving users the freedom to choose when to upgrade.

Article Link: Little Snitch 5 Released for macOS Big Sur With New Design, Improved Network Traffic Monitoring, and More

 

[Rychiar]

but we don't have Big Sur yet

 

[Serban55]

Its nice to see that dev already releasing final ver for the upcoming Big Sur...thats why arm apps will be on the horizon soon

 

[justperry]

Little Snitch should have a longer beta version available for users which purchased LS before November 1 2019, it's still fairly buggy, after I think ~5 November the beta will expire so no blocking without Purchasing/Upgrading to the next version.

 

[ArtOfWarfare]

I don't understand - what is the use case of this program?

Is it for catching if you have malware installed on your Mac that's making a lot of unexpected outbound connections? Or would the expectation be that you're using your Mac as a public server, and you want to monitor for malicious inbound connections? Both? Something else?

Network security isn't something that I've done much in.

 

[omenatarhuri]

The release timing is a bit strange.

There are only beta Xcode available to build Big Sur apps with (if native) and of course Big Sur itself is still beta...

Regardless, congrats to the devs on the release if you’re reading this forum!

 

[chrisdazzo]

Betas have been working great for me lately on Big Sur beta v11.0.1, easy purchase decision. Fully worth the $25 (or $45).

 

[sashavegas]

Little Snitch can't control Apple's apps - so much for the privacy mantra.
https://tidbits.com/2020/10/22/apple-hides-traffic-of-some-its-own-apps-in-big-sur/
https://mjtsai.com/blog/2020/10/22/apple-apps-exempt-from-network-filters-and-vpns/

https://twitter.com/x/status/1318465421796782082

 

[oneMadRssn]

I don't understand - what is the use case of this program?

Is it for catching if you have malware installed on your Mac that's making a lot of unexpected outbound connections? Or would the expectation be that you're using your Mac as a public server, and you want to monitor for malicious inbound connections? Both? Something else?

Network security isn't something that I've done much in.

It's for catching any app, not just malware, making a lot of unexpected outbound connections and potentially blocking them. It's not just malware, but these days many "free" apps and services will phone home in ways users may be uncomfortable with.

The downside is this app will only report such things on the Mac where it's installed, not on the whole network. It's far more advanced and involved to set up, but PiHole is a better tool for monitoring an entire network like this.

 

[Charles50]

Yay, I got the $25 upgrade price, since I only bought it a few months ago.

NOTE: Watch for discounts offered through the developer's twitter account. Occasionally they run offers of 50% off.

 

[Charles50]

Little Snitch can't control Apple's apps - so much for the privacy mantra.

Um.. macOS internals are already exempted under the LS default ruleset. They have to be.

 

[justperry]

It's for catching any app, not just malware, making a lot of unexpected outbound connections and potentially blocking them. It's not just malware, but these days many "free" apps and services will phone home in ways users may be uncomfortable with.

The downside is this app will only report such things on the Mac where it's installed, not on the whole network. It's far more advanced and involved to set up, but PiHole is a better tool for monitoring an entire network like this.

Isn't Pihole something completely different, I thought Pihole is for blocking Ads.
LS is a Firewall App as far as I know, highly configurable.

 

[justperry]

Um.. macOS internals are already exempted under the LS default ruleset. They have to be.

Nope, that's not the case.

 

[justperry]

Yay, I got the $25 upgrade price, since I only bought it a few months ago.

NOTE: Watch for discounts offered through the developer's twitter account. Occasionally they run offers of 50% off.

Contact Obdev, you should be eligible for a free Upgrade.

 

[weaztek]

The free upgrade to v5 is a welcome bonus during this economic downturn. Kudos to Objective Development!

 

[johannnn]

The free upgrade to v5 is a welcome bonus during this economic downturn. Kudos to Objective Development!

Except if you’re the developer

Anyway, this is an awesome app for the paranoid!

 

[Ludatyk]

Yay, I got the $25 upgrade price, since I only bought it a few months ago.

NOTE: Watch for discounts offered through the developer's twitter account. Occasionally they run offers of 50% off.

Yeah, you shouldn’t have to pay. I starting paying for Little Snitch back in 2013 with v3, and each time they provide a 50% discount for an upgrade. Just have to enter in your previous license.

 

[oneMadRssn]

Isn't Pihole something completely different, I thought Pihole is for blocking Ads.
LS is a Firewall App as far as I know, highly configurable.

Broad strokes, there is a difference but the end result is the same to most users.

PiHole isn't for just blocking ads, though it can do that. It's also a good reporting tool that monitors all outgoing connections / requests from your home network, letting you block certain ones if you want. It just so happens that most folks end up using it to block all outgoing requests for ads. But another common use, for example, is blocking smartTVs from phoning home.

The issue with LS is it's limited to just the Mac it's running on, but when it comes to phoning home and superfluous outgoing connections, IoT devices tend to be the biggest culprits (smart cameras, smart thermostats, smart TVs, smart assistants), along with freemium apps. LS cannot do anything to help you with those, you need a robust router-side rules, or a DNS approach such as PiHole to manage those things.

 

[Shawzborne]

Little Snitch can't control Apple's apps - so much for the privacy mantra.
https://tidbits.com/2020/10/22/apple-hides-traffic-of-some-its-own-apps-in-big-sur/
https://mjtsai.com/blog/2020/10/22/apple-apps-exempt-from-network-filters-and-vpns/

https://twitter.com/x/status/1318465421796782082

I use radio silence, he has an upcoming version 4 for Big Sur which is in beta.

(Stable) https://radiosilenceapp.com/

(Beta) (Big Sur) https://radiosilenceapp.com/downloads/Radio_Silence_3.0_beta_1.pkg

 

[NMBob]

I don't understand - what is the use case of this program?

Is it for catching if you have malware installed on your Mac that's making a lot of unexpected outbound connections? Or would the expectation be that you're using your Mac as a public server, and you want to monitor for malicious inbound connections? Both? Something else?

Network security isn't something that I've done much in.

Try this exercise: Install Little Snitch. After you have finished allowing or disallowing all of the connections it will find install, or try to install, Spotify. You will be shocked and amazed at all of the connections your computer is making behind your back. I never joined Spotify thanks to Little Snitch. I think it was up to a dozen or more connections that just the installer, or first run of the app, wanted to make before I said enough is enough. It was nuts...just to play music?

 

[Weaselboy]

Try this exercise: Install Little Snitch. After you have finished allowing or disallowing all of the connections it will find install, or try to install, Spotify. You will be shocked and amazed at all of the connections your computer is making behind your back. I never joined Spotify thanks to Little Snitch. I think it was up to a dozen or more connections that just the installer, or first run of the app, wanted to make before I said enough is enough. It was nuts...just to play music?

I wonder if the frequent connection attempts were because you were blocking the connection with Little Snitch?

I have seen people post about similar results using PiHole. I saw a report of a Vizio smart TV that was blocked with PiHole and PiHole showed 800 hits an hour. Once the connection was allowed by PiHole the person reported they used some sort of sniffer on the router and it showed the Vizio TV only making one phone home connection an hour.

So I'm wondering if the same thing is happening in your case. So Spotify sees it cannot phone home so starts repeatedly trying to connect over and over again.

 

[ksgant]

Little Snitch should have a longer beta version available for users which purchased LS before November 1 2019, it's still fairly buggy, after I think ~5 November the beta will expire so no blocking without Purchasing/Upgrading to the next version.

I've been running the beta for a few months now and yes, the first version out was very buggy. But since the "release candidate" and now the final release, it's been chugging along just fine for me.

 

[madmin]

I ❤️ LittleSnitch

By releasing this early they have you covered the moment you upgrade to Big Sur.

 

[Spindel]

Try this exercise: Install Little Snitch. After you have finished allowing or disallowing all of the connections it will find install, or try to install, Spotify. You will be shocked and amazed at all of the connections your computer is making behind your back. I never joined Spotify thanks to Little Snitch. I think it was up to a dozen or more connections that just the installer, or first run of the app, wanted to make before I said enough is enough. It was nuts...just to play music?

Thats because spotify use a torrent like protocol so when you connect to spotify you become a node that helps the network.

Worrying about spotifys connections is a non issue.

*disclaimer* I do not use spotify (or any other music streaming service), but it’s not because of all of its connections but for other reasons.


on topic:
I don’t see the point of this software, but I run diversion on my router and have my own VPN server set up through my home network so I get the blocking and tracking of connections from all my devices.

 

[albebaubles]

No word on Apple Silicon support? hmmm.