Apple's apps bypass firewalls like LittleSnitch and LuLu on macOS Big Sur

This is one of those tough cases where software cuts both ways.

Some people are smart, informed developers that install a trusted tool to monitor their traffic and have legitimate reasons to want to inspect Apple traffic. They're dismayed.

Most people are the opposite and this move protects the most sensitive data from being easily scooped up or muddled in easily installed apps, or at least easily installed apps that don't use zero days.

Is the world better or worse due to this change? I'd say a touch better, but I don't like the fact that this change was needed in the first place. I trust Apple, but I don't like trusting trust.

I'd argue this opens up a giant attack surface where malicious software will try to route its command and control communication through a protected service. Do we really want to trust that Apple will keep all 50+ of these privileged services fully protected?

I think it makes the "world" slightly worse in that it will be harder to discover malware. Little snitch has a small user base, but it's been used to identify many forms of malware and protect many more people once the threat is identified.

Yes I agree with your first part. There are real drawbacks.

But it's like installing a custom HTTPS cert in your OS to inspect potential traffic that malware may use through, say, a Google Doc or Sheet. It's helpful to true professionals dealing with highly sensitive information, but it's ultimately a bigger source of compromise for the vast majority of software users.

I don't think there is an easy answer here. That's why I said I thought it made the world a "touch better" and I can see from your response that you understand the tradeoffs roughly as well as I do based on the wording of your response. The fact is that contemplating these hard tradeoffs belie the underlying truth: Securing computers is hard and getting harder and the stakes keep going up. I can't say if this move by Apple will ultimately be worth it, but I certainly understand the predicament they are in. This is no easy work.

Why not just give additional permission levels? I don't really get why so many permission models on what software can do are effectively "admin mode" or "user mode". Why can't you get a very strong warning when software tries to snoop on traffic, but you can still do it? Or maybe you have to go into settings and allow it or something like that.

When you rent space in a building, do you get access to every single apartment/office space in the building? No. You get access to specifically what you rented and the front door. The maintenance people for the building will have access to the front door and other maintenance areas, but won't have access to your space. We can clearly conceptualize models like that. We even have something like this on phones.