[HN Gopher] Little Snitch Mini
___________________________________________________________________
Little Snitch Mini
Author : robenkleene
Score : 102 points
Date : 2023-03-22 22:05 UTC (55 minutes ago)
(HTM) web link (obdev.at)
(TXT) w3m dump (obdev.at)
| ary wrote:
| People are probably be confused between this and the "full"
| version of Little Snitch. My take on it is that Little Snitch
| Mini is something you can install on a non-technical friend or
| family member's computer whereas power users may want to stick
| with the existing offering.
|
| I say this as a long time heavy user of Little Snitch. It's very
| annoying when you first get it installed, but it provides really
| useful control over what installed software is getting up to.
| After a time you settle into a natural rule set for your personal
| patterns and only see alerts when new or updated software tries a
| network connection that hasn't been seen before.
|
| "Mini" strikes me as much more of a fire-and-forget product,
| which I appreciate but won't personally use.
| dmix wrote:
| I've always thought this should be a feature in an OS for
| advanced users. Combined with some OS level security
| optimizations it could be quite a powerful security feature for
| the paranoid and at-risk.
|
| I haven't tried mini but there's probably plenty of UX gains in
| between the standard Little Snitch fine control approach and
| the UBlock Origin style community curated defaults where
| control/customization is optional/on-demand.
| ary wrote:
| Completely agree. Occasionally I run Charles Proxy[1] on my
| iPhone to analyze network activity and am disturbed by what I
| see. Software shouldn't be able to open arbitrary network
| connections without user consent/control, but we're not there
| yet to a large enough degree on mobile unfortunately.
|
| [1] https://www.charlesproxy.com/documentation/ios/
| alad_ wrote:
| Any thoughts on the difference between using this vs DNS (e.g.
| nextdns) with blocklists?
|
| It seems like DNS is more convenient as you don't need to run
| extra software on your machine and it works on any device.
| lapcat wrote:
| > Any thoughts on the difference between using this vs DNS
| (e.g. nextdns) with blocklists?
|
| Little Snitch is process-based, so you can block a specific
| process from connecting to a specific domain while allowing
| other processes to connect to the domain, whereas with DNS you
| have to block every process from the domain. And of course
| Little Snitch gives you process-level info too, which DNS
| doesn't.
| tinglymintyfrsh wrote:
| I use LS. Mini wouldn't work for me at work or home. It's
| probably targeted and useful for non-developer users.
|
| I also use Objective See's LuLu, OverSight, ReiKey, and
| RansomWhere.
|
| https://objective-see.org
|
| LuLu + LS makes any app using telemetry shriekingly obvious and
| selectively denyable.
|
| Work additionally deploys YARA, MS MDE, Malware Bytes, and an
| MDM. There are other internal tools for password projection, DLP
| (anti-exfil), and pre-execution binary allow/denylisting.
| amelius wrote:
| So, from a user's viewpoint, if your app talks to
| blah.serv.direct.data.com how do you know whether it actually
| needs that server for its main functionality or not?
|
| I don't see how this snitch tool will not just generate a lot of
| noise.
| npunt wrote:
| Smart move to go for the more casual user, it suggests Obdev has
| been doing their homework and proactively talking to regular
| users, rather than just blindly building feature requests. Tools
| like Little Snitch so often get sucked into serving the loud
| minority of expert users with ever more esoteric use cases, which
| in turn make the tools even more complicated and harder to
| approach for casuals. A death spiral of audience capture.
| mostlysimilar wrote:
| The original/full Little Snitch is the first thing I install on a
| new Mac. Can't live without it.
| dt3ft wrote:
| Is there a Little Snitch alternative for Windows?
| WirelessGigabit wrote:
| I had great success with NetLimiter. Just like Little Snitch,
| it's a pain to set up, but it's very revealing.
|
| Also makes you wonder why your Logitech App is talking to all
| these servers and why it needs to have 4 applications running
| in the background to... do what exactly?
| Wistar wrote:
| A good question. I looked it up. The AlternativeTo site offers
| a few PC alternatives to Little Snitch:
|
| _" Little Snitch is not available for Windows but there are
| plenty of alternatives that runs on Windows with similar
| functionality. The best Windows alternative is GlassWire, which
| is free."_
|
| https://alternativeto.net/software/little-snitch/?platform=w...
| oktwtf wrote:
| simplewall[0] is my #1 install on a new machine. Little
| different, but it'll still alert you to the requests, allow for
| timers, per application/route rules etc.
|
| [0]: https://github.com/henrypp/simplewall
| sasas wrote:
| Can recommend simplewall - only only is it free, it's
| completely opensource. Works wonderfully - highly
| recommended.
| dylan604 wrote:
| I'm kind of scared to learn exactly how chatty Windows would
| be.
| oktwtf wrote:
| It's not as bad as the vine says, but one thing that drives
| me crazy, is widgets.exe seems to get a new hash /often/ and
| I constantly get prompts for it.
|
| It's all the installers that phone home at some point, and
| video drivers needing access etc. (Wireless displays come at
| a cost I guess).
| jacooper wrote:
| Safing
| roblabla wrote:
| I use netlimiter[0] on windows. It works pretty well, has more
| or less the same workflow as little snitch.
|
| Disclaimer: Just a happy paying user.
|
| [0]: https://www.netlimiter.com/
| jacooper wrote:
| Seems to do the same thing as Safings Postmaster, which is also
| Free and open source.
| liminalsunset wrote:
| How does this compare to the "LuLu" app from Objective-See? IIRC
| that one was open source, while this isn't.
|
| A few years ago there was a concern that Apple was exempting
| itself from some of these firewalls. Were these concerns ever
| addressed in any meaningful way by any of these apps since then?
| lapcat wrote:
| > IIRC that one was open source, while this isn't.
|
| Yes. Little Snitch has been around for for a long time, though,
| something like 20 years. The developer Obdev is trustworthy,
| and I wholeheartedly recommend Little Snitch (the full version;
| I haven't tried the Mini version).
|
| > A few years ago there was a concern that Apple was exempting
| itself from some of these firewalls. Were these concerns ever
| addressed in any meaningful way by any of these apps since
| then?
|
| Apple fixed the issue.
| dylan604 wrote:
| >Apple fixed the issue.
|
| What does that mean? They now play by the same rules as other
| software, or they just did something else without actually
| addressing the problem?
|
| After Office Space and "we fixed the glitch", simply saying
| "fixed the issue" leaves a lot to the imagination.
| lapcat wrote:
| > What does that mean? They now play by the same rules as
| other software
|
| Yes.
| rvnx wrote:
| Though Little Snitch itself doesn't show all its own
| connections as far as I know (if you search for little
| snitch call home)
| SamuelAdams wrote:
| How is this different from the traditional version of Little
| Snitch?
| ladberg wrote:
| https://obdev.at/products/littlesnitch-mini/compare.html
|
| Basically a lot fewer filtering features, and only monitoring
| for free.
| jonnat wrote:
| They have a comparison page:
| https://obdev.at/products/littlesnitch-mini/compare.html
| crazygringo wrote:
| It's remarkably difficult to compare the two with how they
| describe them in totally different ways.
|
| It really makes my wish they had one of those side-by-side
| charts that tells you which features are in what.
| mberning wrote:
| I bought little snitch years ago but could never get into using
| it consistently. Always seemed like a chore.
| kstrauser wrote:
| It's most definitely a chore for the first week. Then it
| disappears from sight until it finds something unusual.
| ladberg wrote:
| The monitoring is super useful for metered connections (looking
| at you, Comcast/Xfinity) and I happily paid for the full Little
| Snitch for that feature. Super glad to hear it's free now! I've
| tried to recommend it to people and it was a bit of a big
| purchase for most to stomach just for the monitoring features.
| obenn wrote:
| Was ready to buy this until I saw it is a subscription, not
| stand-alone.
| selykg wrote:
| Price seems fair, honestly. The full blown app is like $70,
| plus upgrades when those come.
| lucideer wrote:
| As someone who's been paying for Little Snitch for a long time
| this is an odd move, as this seems to do everything I would want.
|
| Sure, I've availed of some of the more advanced features in the
| paid version, but they definitely never seemed essential to me.
| What I mainly need is the basics they've included in the free
| version now.
|
| I wonder if this is a direct response to Lulu (have been meaning
| to try it but migration is friction)
| darkstar999 wrote:
| But you don't get connection blocking for free.
|
| > The network monitoring functionality, including the real-time
| connection list, traffic diagrams and the animated map view can
| be used for free!
|
| > The full feature set, including connection blocking, extended
| traffic history time ranges, advanced display and filtering
| options and more is available as an in-app purchase.
| dylan604 wrote:
| I guess if you are just doing an investigation to see if
| there is any unusual traffic, the free version can be useful.
| Since it's not actually preventing any of the traffic, it
| doesn't make the paid for version useless. For those that
| want to stop the data flow but continue using the chatty
| software, upgrading to the paid version would still be a
| thing. If you're the type to just stop/remove chatty
| software, then this free version will help find them. Seems
| kind of cool.
___________________________________________________________________
(page generated 2023-03-22 23:00 UTC)