news.volyx.in

LittleSnitch for Linux (obdev.at)

1378 points by pluc · 98 days ago · 461 comments on HN

Article summary

Little Snitch for Linux is a tool that makes network activity visible and allows users to block unwanted connections. It provides a user interface to view current and past network activity, blocklists, and traffic history. The tool is built for privacy, not security, and has limitations due to its use of eBPF. It is available under the GNU General Public License version 2, with some proprietary components.

Main themes

  • Network monitoring
  • Privacy vs security
  • Linux tools
  • Open source software
  • eBPF limitations
  • Blocklists and filtering

What commenters say

  • Little Snitch's ability to monitor its own network activity is a concern for some users, with some questioning its transparency.
  • The tool's limitations, such as its inability to resolve many IPs to domains, may make it less effective than alternatives like OpenSnitch.
  • Some users believe that open source software should be free and sustainable through donations, while others argue that developers should be paid for their work.
  • The use of eBPF has limitations, including strict storage size and program complexity limits, which affect the tool's effectiveness.
  • DNS-based software, such as PiHole or AdGuard, can be used for block/allow functionality, but may have their own limitations and vulnerabilities.
  • Some users prefer OpenSnitch over Little Snitch due to its ability to intercept client-side library calls and provide more comprehensive network monitoring.
  • The distinction between privacy and security is important, with Little Snitch being designed for privacy rather than security, and some users arguing that this distinction matters.
  • The sustainability of open source software development is a concern, with some arguing that donations are not enough to support ongoing development and maintenance.