@david@netbros.com @prologic@twtxt.net nobody will come after you, but I also think that if you’re not the only one using a machine, you need more licenses. Computer vs User. I had LittleSnitch in the past, but do not use it anymore. Using pfSense now
How does pfSense replace what Little Snitch does? 🤔
@prologic@twtxt.net little snitch blocks things on your laptop. A firewall. PfSense is a firewall on the local network. Work similar. One on the machine, the other for everything in the network.
@carsten@yarn.zn80.net I don’t think they’re even remotely the same thing. Little Snitch operates at the Kernel level and capture all the nasty things an App might do – Whereas a firewall strictly operates at the Network level.
@ullarah@txt.quisquiliae.com That’s Micro Snitch but yeah 👌 One is more of an Application Firewall that operates at the Kernel level, it’s the different between a Network Firewall and the use of eBPF in the Linux Kernel to monitor and potentially block unwanted syscalls or unwanted network connecting in Applications running on Linux OS(es).
@prologic@twtxt.net with the new m1 Macs and Big Sur(?) Little Snitch can no longer work at the kernel level. And while I like Apple a lot, they haven’t covered themselves with glory by bypassing the network extension framework for some of their own domains.
@prologic@twtxt.net But with the blocking of unwanted calls locally, you are right.
@prologic@twtxt.net but maybe I am seeing sth not. So I might be wrong about the differences. LS can do more locally, yes.
@carsten@yarn.zn80.net I think the main thing is the Application level firewall, which is not something you can do at the Network level – But OTOH you have me worried that Little Snitch no longer works on Apple’s M1 hardware? (I haven’t upgraded to Macbook M1s yet…) – Or were you simply referring to the backdoor Apple created for themselves to circumvent Kernel-level network filtering for their own builtin apps? If so I agree, I believe this is unethical of Apple and whilst I love their hardware and software, I still don’t trust them.
@prologic@twtxt.net The posts I found are all from 2020, just before the release of Big Sur(veillance?). https://arstechnica.com/gadgets/2020/11/apple-lets-some-big-sur-network-traffic-bypass-firewalls/ for example. It seems that many other articles refer to https://appleterm.com/2020/10/20/macos-big-sur-firewalls-and-vpns/. Big Sur is one reason I installed pfSense. My trust in Apple has been slightly scratched since then.
@carsten@yarn.zn80.net Yeah I wish Apple would reverse track on this firewall bypass they’ve allowed for themselves. Apple would have much greater respect in the community and trust:
@david@netbros.com Ahhh! 🙏 Trust you to keep up-to-date with all the #Apple news 😅 I am very glad to hear this, as you know I use Apple mostly because of the good hardware and the only decent OS with actual goodness to gracious accessibility. Their App Store, iTunes, Apple TV+ and iCloud I couldn’t care less about 😂 (but personal choice right? 😅) – As long as Apple give allowing me to “turn off things I don’t want” they have my $$$ 🤣
And FWIW I am on Monterey 12.1 😂
@david@netbros.com Good to know 👌 I haven’t upgraded to Apple Silicon yet, I tend to wait for an iteration or two before making drastic changes to hardware/software 😅 And it was a good thing I normally do, because when they first introduced the Apple M1 there were some software compatibility problems, but no more! 😂
@david@netbros.com Good news to hear. I haven’t followed those releases a lot as I am still working on a 2013 MBA. So I think I will renew my license with Little Snitch when I upgrade to a M1 or M2
My wife got an M1 and is super happy with it. I will for sure upgrade next iteration with an M2 or just give her the new one for all things Adobe and take the golden-rose M1. Yes, she has chosen that weird color. ;-)
@david@netbros.com Thanks for the update. I really missed that piece of information.