←back to thread

Apple's apps bypass firewalls like LittleSnitch and LuLu on macOS Big Sur

(twitter.com)
1183 points robenkleene | 1 comments | 20 Oct 20 15:51 UTC | HN request time: 0.226s | source
Show context
malandrew ◴[20 Oct 20 16:06 UTC] No.24839003[source]
This is a big breach of trust in terms of Apple always being on the side of user privacy.

If someone knows enough to install these firewall apps, then they know enough to figure out what they want to enable/disable even for Apple applications.

If Apple thinks certain rules cause issues, they certainly could work with the developer of these apps to educate users of adverse effects when certain things cause unintended issues for the user. The decision should still lie with the user. Bypassing firewalls by privileging some traffic is not okay.

Looks like for now, the only real option is an external device you always connect through running pfsense or another firewall, which is not too big a deal for use on a home network, but requires carrying around another device when on other networks.

replies(2): >>24839070 #>>24839290 #
1. dkonofalski ◴[20 Oct 20 16:26 UTC] No.24839290[source]
>If someone knows enough to install these firewall apps

Your statement implies that it's difficult to install these apps. Installing Little Snitch is no different than installing any other macOS app. Also, this isn't specifically against Little Snitch, it's about any app that could potentially compromise a user's network traffic. Little Snitch is obviously a desired use of these features but how do you then differentiate it from the undesired uses?