Also:
> Little Snitch is not there to replace OpenSnitch. It's just an additional option you can choose from. Some people might prefer it, others not.
https://news.ycombinator.com/item?id=47701918
> But I currently can't make the entire project Open Source. My other option would be to keep it completely private (wrote it mostly for myself in the first place).
> I think it's still better to make it public and only partially Open Source so that some people can benefit from it. If you don't trust us, that's completely reasonable, just don't install it.
To each their own, I guess, but that would be a hard pass from me. One example from mobile: FF on Android keeps trying to connect to its various services (like firefox.settings.services.mozilla.net). For privacy reasons, I use NetGuard to block this and other similar domains. But there is a gotcha: there are sites (like seekingalpha.com) that refuse to load if access to these same domains is blocked - even on a completely different browser! With NetGuard I can still visit those sites in the secondary browser while blocking Mozilla tracking. With DNS blocking I wouldn't be able to do that.
I prefer to take the hit on those rare site-breaking edge cases if it means I have a single, transparent "source of truth" at the DNS level. It's definitely a trade-off, but I'd rather spend my time building things than perpetually tweaking firewall rules for every new service I spin up.
I remember discovering remote kernel debugging across ethernet; it was magical.
edit: In fact, every PHP file is being leaked, for example, this file [2] contains a $hash_salt, which is supposedly being used to “prevent[s] users guessing filenames and make data more secure”
If you don’t like closed source software and don’t trust the developer(s), then don’t use the software. Why waste time writing an article that all it does is criticize the developer’s decision?
If you care so much about the software you run in your computer, then do what I do: open a disassembler and reverse engineer the code, inspect every single HTTP(S) call, every network packet, every system call, and then maybe you will feel at ease.
Pointing out that a "privacy" tool has a closed-source brain isn't an attack on the dev, it's just a heads-up for people who care about that sort of thing.
You wrote as if you've made some kind of discovery: "But as I looked closer, the gloss started to peel. While parts of the project are open, the core logic, the “brain” that actually decides what to block and how to analyse your traffic, is closed source."
Strangely, your post does not even link to the product page https://obdev.at/products/littlesnitch-linux/index.html or the announcement https://www.obdev.at/blog/little-snitch-for-linux/ both of which are clear that a part of it is not open source. Indeed the blog announcement even mentions and links to OpenSnitch.
Should we refuse to use Steam?
roscas•2h ago
OpenSnitch and PiHole are simply a must on every network.
benf76•2h ago
klueinc•2h ago
Barbing•1h ago
Security: BlockBlock, KnockKnock, RansomWhere...
System/Productivity: TaskExplorer...
Yes times 4
braingravy•13m ago
They’re doing the lord’s work.
mystraline•4m ago
I'm not a feudalist, nor a techno-feudalist.