←back to thread

Apple's apps bypass firewalls like LittleSnitch and LuLu on macOS Big Sur

(twitter.com)
1183 points robenkleene | 4 comments | 20 Oct 20 15:51 UTC | HN request time: 0.844s | source
1. azinman2 ◴[20 Oct 20 18:43 UTC] No.24840918[source]
Everyone seems to assume this is true, but are people also confirming this? I installed LittleSnitch recently on Big Sur and I’m constantly getting pop up’s for all of Apple’s internal daemons etc. While I haven’t tried the App Store specifically, I’m wondering if the person didn’t understand how things were configured and was allowing certain traffic thru. I can’t imagine there’s really some big conspiracy here.
replies(2): >>24841204 #>>24841277 #
2. latexr ◴[20 Oct 20 19:08 UTC] No.24841204[source]
The tweeter is Patrick Wardle, security researcher and creator of Objective-See[1] which publishes several macOS security apps, including the LuLu firewall. Given Patrick’s track record, it’s generally safe to assume due diligence was given to the claim and that lack of understanding about configuration doesn’t apply.

As to your specific case, the tweet does mention “many of” Apple’s apps are affected (i.e. not all, not even necessarily the majority).

[1]: https://objective-see.com/

3. LeoNatan25 ◴[20 Oct 20 19:15 UTC] No.24841277[source]
Confirmed. Someone also found the strings in the network stack, which are tested against the app's bundle identifier to provide these wholes. It's ridiculous.
replies(1): >>24854747 #
4. musicale ◴[22 Oct 20 04:00 UTC] No.24854747[source]
Do you have a reference? As noted, this seems to contradict what Objective Development is saying.

Objective (sic) proof that Objective Development is lying would certainly be a big deal, and a very good reason not to trust Little Snitch.