Apple's apps bypass firewalls like LittleSnitch and LuLu on macOS Big Sur

(twitter.com)

1183 points robenkleene | 1 comments | 20 Oct 20 15:51 UTC | HN request time: 0.244s | source

Show context

malandrew ◴[20 Oct 20 16:06 UTC] No.24839003[source]▶

This is a big breach of trust in terms of Apple always being on the side of user privacy.

If someone knows enough to install these firewall apps, then they know enough to figure out what they want to enable/disable even for Apple applications.

If Apple thinks certain rules cause issues, they certainly could work with the developer of these apps to educate users of adverse effects when certain things cause unintended issues for the user. The decision should still lie with the user. Bypassing firewalls by privileging some traffic is not okay.

Looks like for now, the only real option is an external device you always connect through running pfsense or another firewall, which is not too big a deal for use on a home network, but requires carrying around another device when on other networks.

replies(2): >>24839070 #>>24839290 #

lifty ◴[20 Oct 20 16:11 UTC] No.24839070[source]▶

>>24839003 #

I would love if there would be a small appliance based on a raspberry pi zero or something of similar size, that could be controlled/configured from an app on your phone. This device would be powered through a usb cable (no data) from your laptop, and act as a WiFi hotstpot that you can use to route all your traffic via the VPN or network of your choice. Even if your laptop would be infected by malware or a rootkit, it would be impossible to avoid the little physical VPN/firewall.

replies(3): >>24839131 #>>24839498 #>>24839849 #

1. wyld ◴[20 Oct 20 17:08 UTC] No.24839849[source]▶

>>24839070 #

I've been pretty happy with the PiHole Remote app https://apps.apple.com/us/app/pi-hole-remote/id1515445551

↑