[HN Gopher] Little Snitch Mini ___________________________________________________________________ Little Snitch Mini Author : robenkleene Score : 102 points Date : 2023-03-22 22:05 UTC (55 minutes ago) (HTM) web link (obdev.at) (TXT) w3m dump (obdev.at) | ary wrote: | People are probably be confused between this and the "full" | version of Little Snitch. My take on it is that Little Snitch | Mini is something you can install on a non-technical friend or | family member's computer whereas power users may want to stick | with the existing offering. | | I say this as a long time heavy user of Little Snitch. It's very | annoying when you first get it installed, but it provides really | useful control over what installed software is getting up to. | After a time you settle into a natural rule set for your personal | patterns and only see alerts when new or updated software tries a | network connection that hasn't been seen before. | | "Mini" strikes me as much more of a fire-and-forget product, | which I appreciate but won't personally use. | dmix wrote: | I've always thought this should be a feature in an OS for | advanced users. Combined with some OS level security | optimizations it could be quite a powerful security feature for | the paranoid and at-risk. | | I haven't tried mini but there's probably plenty of UX gains in | between the standard Little Snitch fine control approach and | the UBlock Origin style community curated defaults where | control/customization is optional/on-demand. | ary wrote: | Completely agree. Occasionally I run Charles Proxy[1] on my | iPhone to analyze network activity and am disturbed by what I | see. Software shouldn't be able to open arbitrary network | connections without user consent/control, but we're not there | yet to a large enough degree on mobile unfortunately. | | [1] https://www.charlesproxy.com/documentation/ios/ | alad_ wrote: | Any thoughts on the difference between using this vs DNS (e.g. | nextdns) with blocklists? | | It seems like DNS is more convenient as you don't need to run | extra software on your machine and it works on any device. | lapcat wrote: | > Any thoughts on the difference between using this vs DNS | (e.g. nextdns) with blocklists? | | Little Snitch is process-based, so you can block a specific | process from connecting to a specific domain while allowing | other processes to connect to the domain, whereas with DNS you | have to block every process from the domain. And of course | Little Snitch gives you process-level info too, which DNS | doesn't. | tinglymintyfrsh wrote: | I use LS. Mini wouldn't work for me at work or home. It's | probably targeted and useful for non-developer users. | | I also use Objective See's LuLu, OverSight, ReiKey, and | RansomWhere. | | https://objective-see.org | | LuLu + LS makes any app using telemetry shriekingly obvious and | selectively denyable. | | Work additionally deploys YARA, MS MDE, Malware Bytes, and an | MDM. There are other internal tools for password projection, DLP | (anti-exfil), and pre-execution binary allow/denylisting. | amelius wrote: | So, from a user's viewpoint, if your app talks to | blah.serv.direct.data.com how do you know whether it actually | needs that server for its main functionality or not? | | I don't see how this snitch tool will not just generate a lot of | noise. | npunt wrote: | Smart move to go for the more casual user, it suggests Obdev has | been doing their homework and proactively talking to regular | users, rather than just blindly building feature requests. Tools | like Little Snitch so often get sucked into serving the loud | minority of expert users with ever more esoteric use cases, which | in turn make the tools even more complicated and harder to | approach for casuals. A death spiral of audience capture. | mostlysimilar wrote: | The original/full Little Snitch is the first thing I install on a | new Mac. Can't live without it. | dt3ft wrote: | Is there a Little Snitch alternative for Windows? | WirelessGigabit wrote: | I had great success with NetLimiter. Just like Little Snitch, | it's a pain to set up, but it's very revealing. | | Also makes you wonder why your Logitech App is talking to all | these servers and why it needs to have 4 applications running | in the background to... do what exactly? | Wistar wrote: | A good question. I looked it up. The AlternativeTo site offers | a few PC alternatives to Little Snitch: | | _" Little Snitch is not available for Windows but there are | plenty of alternatives that runs on Windows with similar | functionality. The best Windows alternative is GlassWire, which | is free."_ | | https://alternativeto.net/software/little-snitch/?platform=w... | oktwtf wrote: | simplewall[0] is my #1 install on a new machine. Little | different, but it'll still alert you to the requests, allow for | timers, per application/route rules etc. | | [0]: https://github.com/henrypp/simplewall | sasas wrote: | Can recommend simplewall - only only is it free, it's | completely opensource. Works wonderfully - highly | recommended. | dylan604 wrote: | I'm kind of scared to learn exactly how chatty Windows would | be. | oktwtf wrote: | It's not as bad as the vine says, but one thing that drives | me crazy, is widgets.exe seems to get a new hash /often/ and | I constantly get prompts for it. | | It's all the installers that phone home at some point, and | video drivers needing access etc. (Wireless displays come at | a cost I guess). | jacooper wrote: | Safing | roblabla wrote: | I use netlimiter[0] on windows. It works pretty well, has more | or less the same workflow as little snitch. | | Disclaimer: Just a happy paying user. | | [0]: https://www.netlimiter.com/ | jacooper wrote: | Seems to do the same thing as Safings Postmaster, which is also | Free and open source. | liminalsunset wrote: | How does this compare to the "LuLu" app from Objective-See? IIRC | that one was open source, while this isn't. | | A few years ago there was a concern that Apple was exempting | itself from some of these firewalls. Were these concerns ever | addressed in any meaningful way by any of these apps since then? | lapcat wrote: | > IIRC that one was open source, while this isn't. | | Yes. Little Snitch has been around for for a long time, though, | something like 20 years. The developer Obdev is trustworthy, | and I wholeheartedly recommend Little Snitch (the full version; | I haven't tried the Mini version). | | > A few years ago there was a concern that Apple was exempting | itself from some of these firewalls. Were these concerns ever | addressed in any meaningful way by any of these apps since | then? | | Apple fixed the issue. | dylan604 wrote: | >Apple fixed the issue. | | What does that mean? They now play by the same rules as other | software, or they just did something else without actually | addressing the problem? | | After Office Space and "we fixed the glitch", simply saying | "fixed the issue" leaves a lot to the imagination. | lapcat wrote: | > What does that mean? They now play by the same rules as | other software | | Yes. | rvnx wrote: | Though Little Snitch itself doesn't show all its own | connections as far as I know (if you search for little | snitch call home) | SamuelAdams wrote: | How is this different from the traditional version of Little | Snitch? | ladberg wrote: | https://obdev.at/products/littlesnitch-mini/compare.html | | Basically a lot fewer filtering features, and only monitoring | for free. | jonnat wrote: | They have a comparison page: | https://obdev.at/products/littlesnitch-mini/compare.html | crazygringo wrote: | It's remarkably difficult to compare the two with how they | describe them in totally different ways. | | It really makes my wish they had one of those side-by-side | charts that tells you which features are in what. | mberning wrote: | I bought little snitch years ago but could never get into using | it consistently. Always seemed like a chore. | kstrauser wrote: | It's most definitely a chore for the first week. Then it | disappears from sight until it finds something unusual. | ladberg wrote: | The monitoring is super useful for metered connections (looking | at you, Comcast/Xfinity) and I happily paid for the full Little | Snitch for that feature. Super glad to hear it's free now! I've | tried to recommend it to people and it was a bit of a big | purchase for most to stomach just for the monitoring features. | obenn wrote: | Was ready to buy this until I saw it is a subscription, not | stand-alone. | selykg wrote: | Price seems fair, honestly. The full blown app is like $70, | plus upgrades when those come. | lucideer wrote: | As someone who's been paying for Little Snitch for a long time | this is an odd move, as this seems to do everything I would want. | | Sure, I've availed of some of the more advanced features in the | paid version, but they definitely never seemed essential to me. | What I mainly need is the basics they've included in the free | version now. | | I wonder if this is a direct response to Lulu (have been meaning | to try it but migration is friction) | darkstar999 wrote: | But you don't get connection blocking for free. | | > The network monitoring functionality, including the real-time | connection list, traffic diagrams and the animated map view can | be used for free! | | > The full feature set, including connection blocking, extended | traffic history time ranges, advanced display and filtering | options and more is available as an in-app purchase. | dylan604 wrote: | I guess if you are just doing an investigation to see if | there is any unusual traffic, the free version can be useful. | Since it's not actually preventing any of the traffic, it | doesn't make the paid for version useless. For those that | want to stop the data flow but continue using the chatty | software, upgrading to the paid version would still be a | thing. If you're the type to just stop/remove chatty | software, then this free version will help find them. Seems | kind of cool. ___________________________________________________________________ (page generated 2023-03-22 23:00 UTC)