Apple's apps bypass firewalls like LittleSnitch and LuLu on macOS Big Sur

(twitter.com)

1183 points robenkleene | 1 comments | 20 Oct 20 15:51 UTC | HN request time: 0.217s | source

Show context

rootusrootus ◴[20 Oct 20 16:09 UTC] No.24839054[source]▶

Hasn't this always been a bit of an issue? Apps with root privileges have been able to get around Little Snitch for as long as I can recall. Some software relies specifically on that ability.

replies(1): >>24839142 #

Wowfunhappy ◴[20 Oct 20 16:17 UTC] No.24839142[source]▶

>>24839054 #

...no, I don't think they could. Is there an example you're thinking of?

Up until recently, Little Snitch monitored network traffic in kernel space.

replies(2): >>24839691 #>>24840817 #

rootusrootus ◴[20 Oct 20 18:32 UTC] No.24840817[source]▶

>>24839142 #

Off the top of my head, I think it was Photoshop or something else along those lines (it's been a few years). It installed itself a little helper tool that ran as root which could talk to the licensing servers without tripping Little Snitch.

I don't run Little Snitch any more, so it may no longer work that way. Some software (games seem to be an egregiously bad offender) insists on communicating with seemlingly random IP addresses and not using DNS to resolve them, and it's hard to run any kind of filtering software or parental controls such as Screen Time successfully. I make do with outbound filtering at my router.

replies(1): >>24841105 #

1. Wowfunhappy ◴[20 Oct 20 18:58 UTC] No.24841105[source]▶

>>24840817 #

I definitely needed to let Photoshop CS6 through Little Snitch to activate a few years ago. (but frankjr also brought up a situation that I wasn't aware of.)

↑