Little Snitch deserves a post on it’s own.
April 24, 2007 on 2:01 pm | In Code, Hacking, SecurityLittle Snitch, together with Glowworm FW got a mention on my “Secure OS X” article. When I started doing more work on a PowerMac G4 of a company, which had Little Snitch installed, I wanted to inject an F-Script workspace into Praetorian for some clean testing. Little Snitch amazed me.
I don’t know how it achieves this (trapping system calls, most likely) but it’s quite a feat to be able to stop an arbitrary code injection like that. Firewall? No, this has gone beyond and above firewall. This is a program for security-oriented users. How’s that for being in control?
If these people start adding even more features (and I have no doubt that they will) I will become a great, great fan of Little Snitch. Now, if only the icon were better. But there are designers like me and other far greater people (Adam Betts, I’m talking to you!) who love to design replacement icons. I think both firewall programs, in general, could use more interface and icon design love. But they already provide excellent, stable functionality. Go check them out.
2 Comments »
RSS feed for comments on this post. TrackBack URI
Leave a comment
Syndicate
Archive
- July 2008 (2)
- June 2008 (3)
- April 2008 (8)
- March 2008 (9)
- February 2008 (14)
- January 2008 (12)
- December 2007 (7)
- November 2007 (33)
- October 2007 (25)
- September 2007 (8)
- August 2007 (9)
- July 2007 (10)
- June 2007 (27)
- May 2007 (35)
- April 2007 (36)
- March 2007 (38)
Categories
- Announcement (46)
- Apple (47)
- Cocoa (5)
- CocoiaCast (1)
- Code (13)
- Commercial Work (17)
- Design (92)
- EVE Online (1)
- Fortitude (1)
- Graphics (78)
- Hacking (6)
- How-To (8)
- Icon Design (47)
- IconResource (4)
- Interface Design (21)
- iPhone (9)
- iSight Expert (7)
- Latitude (1)
- News (38)
- Open Source (11)
- OpenGL (8)
- Personal Work (46)
- Popular (9)
- Praetorian (7)
- Ramblings (51)
- Security (19)
- Software Releases (8)
- Timezones (12)
- Typography (9)
- Uncategorized (12)
- War on Bad Design (6)
I read somewhere that Little Snitch runs as an user-owned process, which means that potential malware could use a killall command to stop Little Snitch. Is this true? Does it run reliably under root (I don’t see why not)?
If it is the case, you should advise your readers to “chown Little\ Snitch.app root” if they’re really paranoid.
guns
Comment by guns — April 24, 2007 #
Guns, from consequent testing with the Terminal and Apple’s provided tools, it seems Little Snitch traps the signals sent, resulting in a Daemon not killed. I think I should look even further into this, because it seems this app is truly a pearl of application security.
Comment by sebastiaan — April 24, 2007 #