Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Little Snitch 5 Released for macOS Big Sur With New Design, Improved Network Traffic Monitoring, and More

Jerry Fritschle said:
At this point, "no one" can make claim to AS support. No products exist outside of the Developer Transition Kit, which will not be a release machine in its present form. Xcode 12.2 is also required to build such apps, and is itself in beta. When Big Sur, and particularly Xcode12.2 go to GM, we're likely to see a lot of AS-support announcements in a hurry. :)
Click to expand...
Really? I'm confused, I've been compiling my apps for my device kit since I received it. Are you saying apple won't accept apps compiled for both? Thanks!
 
albebaubles said:
Really? I'm confused, I've been compiling my apps for my device kit since I received it. Are you saying apple won't accept apps compiled for both? Thanks!
Click to expand...

Well, to get Apple to "accept" an app (which basically means 'for the App Store'), it cannot be built from a beta version of Xcode. To build for Apple Silicon, you need Xcode 12.2.

But check this out! Literally as I write this, on my other browser tab which has the Apple Developer site, I see that 12.2 has gone to GM. So the situation has changed! :-D

Edit: Code signing/notarization isn't an issue on MAS (because the store handles that), but if you're distributing yourself, I don't know where we are on that as regards AS.
 
  • Like
Reactions: albebaubles
oneMadRssn said:
Broad strokes, there is a difference but the end result is the same to most users.

PiHole isn't for just blocking ads, though it can do that. It's also a good reporting tool that monitors all outgoing connections / requests from your home network, letting you block certain ones if you want. It just so happens that most folks end up using it to block all outgoing requests for ads. But another common use, for example, is blocking smartTVs from phoning home.

The issue with LS is it's limited to just the Mac it's running on, but when it comes to phoning home and superfluous outgoing connections, IoT devices tend to be the biggest culprits (smart cameras, smart thermostats, smart TVs, smart assistants), along with freemium apps. LS cannot do anything to help you with those, you need a robust router-side rules, or a DNS approach such as PiHole to manage those things.
Click to expand...
I wouldn't use PiHole for application-level network connection blocking. The only granularity the PiHole Web Interface provides is which IP address is making the request. Not to mention, you lose the ability to accept/reject connections in real-time.

Massive headache to save a few bucks, IMHO.

To your point, PiHole works well with IoT devices because that device, for all intents and purposes, IS the app.

I guess that's OK if you live alone, but not everyone in every family wants to break their OS because Big Brother.

On a side note: someone else commented on here that you can't block Mac's OS by default (in LS4). Emphasis on "default". You can absolutely change the default and completely shutout any connections attempts and break the OS.
 
 
Unforunately Big Sur kernel panics's me on Big Sur with 5.0.2. The crash per the dump is occuring within Little Snitch:

Process name corresponding to current thread: at.obdev.littlesnitch.networkext

And its within Apple's code:

panic(cpu 2 caller 0xffffff80020bfb71): assertion failed: (MBUFQ_EMPTY(&cfq->q_mq) && cfq->q_start == cfq->q_end) || (!MBUFQ_EMPTY(&cfq->q_mq) && cfq->q_start != cfq->q_end), file: /AppleInternal/BuildRoot/Library/Caches/com.apple.xbs/Sources/xnu/xnu-7195.50.7/bsd/net/content_filter.c, line: 1089

OD has passed onto Apple to see if they can fix.
 
Is Little Snitch 5 even necessary? Given all the privacy capabilities in Big Sur? Why have this?
 
Bandaman said:
Oh I’m not faulting LS. This Apple change is annoying.
Click to expand...
I understand. Just emphasizing it, as it would be a disservice to folks on here to think they should ditch LS as a result. That was the takeaway when I first came across this thread.
 
  • Like
Reactions: Bandaman
weaztek said:
From what I understand the 5.xx versions for Big Sur are definitely compatible with M1 Macs.
Click to expand...
LS on Arm required a complete rewrite so it's odd that Objective Dev doesn't note that on their website's landing page. However, drilling down into the FAQ they do say it's a "universal binary" that works on Intel and Apple Silicon.
 
  • Like
Reactions: weaztek
Charles50 said:
Um.. macOS internals are already exempted under the LS default ruleset. They have to be.
Click to expand...

No, no they don't. Operating Systems existing before phoning home was ever a thing. The first thing I do is disable them. Of course, I can't use "iCloud" and things of that nature, but then again, I'm not forced to install updates or given the option to "remind me again tomorrow", because if I really want "remind me again never", Apple could not care less.

20 years ago, this level of customer hostility would have been an issue. Now, we've been cooked like the frog in the boiling pot. Heck, you're convinced that corporate data collection is necessary for your computer to even run.

I guess Apple won that one.
 
  • Like
Reactions: weaztek
I just purchased this and am running version 4.52 for Mojave. It's been running 30 minutes and it's already paid for itself. I'm kicking myself for not using it sooner.

Even though in my Safari preferences, I've explicitly unchecked "Warn when visiting a fraudulent website", it was still checking. The "feature" uses Google Safe Browsing, which sends all your requested URL's to Google, allowing them to track you. Well, Safari was sending my traffic to Google even though I had the option unchecked. So I blocked it with Little Snitch. This firewall is worth it's weight in gold! Bad on Apple for this. Good on Little Snitch. **** Google.
 
  • Like
Reactions: 0279317 and Apple_Robert
planteater said:
I just purchased this and am running version 4.52 for Mojave. It's been running 30 minutes and it's already paid for itself. I'm kicking myself for not using it sooner.

Even though in my Safari preferences, I've explicitly unchecked "Warn when visiting a fraudulent website", it was still checking. The "feature" uses Google Safe Browsing, which sends all your requested URL's to Google, allowing them to track you. Well, Safari was sending my traffic to Google even though I had the option unchecked. So I blocked it with Little Snitch. This firewall is worth it's weight in gold! Bad on Apple for this. Good on Little Snitch. **** Google.
Click to expand...
I just upgraded my version 4 license for $25 and installed on the home server. That is the big upgrade I have had to pay for in 3 years. For what it offers, the $25 was worth it. Version 5 has a much easier install and set up than version 3 & 4 did. Glad to see that. I have already denied any Twitter.com traffic that was from Safari and not from me using Twitter.
 
hot-gril said:
Everything I install will make tons of connections. How does it help me to know that? I used Little Snitch back in 2010, and even then I couldn't make use of it, but I understand there are gurus. Or maybe the newer one has analytics capabilities that can tell me whether something is really wrong.
Click to expand...
I was thinking the same. For example, many apps call home to check if there are updated versions available. Presumably, if we stop all these calls home, we will have to manually check for updates every now and then.
 
I am looking to use this but I am afraid of privacy. what proof is there that they aren't collecting all traffic incoming and outgoing from your computer and storing it somehow?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back