(twitter.com)

1183 points robenkleene | 1 comments | 20 Oct 20 15:51 UTC | HN request time: 1.379s | source

Show context

Wowfunhappy ◴[20 Oct 20 16:46 UTC] No.24839553[source]▶

I wonder if it would make sense for Little Snitch to continue supporting their kext-based solution in parallel to the new one, possibly only for users who are willing to disable SIP.

You might argue that disabling SIP for a security product defeats the point, but I'm not sure if that's necessarily true. SIP effectively delegates trust away from the user and towards Apple, which is fine as a default—but the calculus may be different for experienced users, like the ones who use Little Snitch.

replies(1): >>24841142 #

novok ◴[20 Oct 20 19:02 UTC] No.24841142[source]▶

>>24839553 #

Eventually I don't think little snitch will even have apis to access stuff like that in the kernel as a kext as macos updates continue on.

replies(1): >>24841283 #

Wowfunhappy ◴[20 Oct 20 19:15 UTC] No.24841283[source]▶

>>24841142 #

Kexts are used by Apple internally, so I'd be shocked if they were removed from the OS completely. Third party kexts may be deprecated, but as long as SIP can be disabled it will always be possible to load your own.

replies(2): >>24843118 #>>24845946 #

1. dwaite ◴[20 Oct 20 22:53 UTC] No.24843118[source]▶

>>24841283 #

The networking subsystem that the kernel exposes could be removed however, replaced with one which is neither stable nor publicly documented.

↑

Apple's apps bypass firewalls like LittleSnitch and LuLu on macOS Big Sur