Little Snitch for Linux
I decided to use eBPF for traffic interception at kernel level. It’s high performance and much more portable than kernel extensions. The main application code is in Rust, a language I’ve wanted to explore for quite a while. And the user interface was built as a web application. That last choice might seem odd for a privacy tool, but it means you can monitor a remote Linux server’s network connections from any device, including your Mac. Want to know what Nextcloud, Home Assistant, or Zammad are actually connecting to? Use Little Snitch on the server.
[…]
But in summary: on Ubuntu, I found 9 system processes making internet connections over the course of one week. On macOS, we counted more than 100.
[…]
The kernel component, written for eBPF, is open source and you can look at how it’s implemented, fix bugs yourself, or adapt it to different kernel versions. The UI is also open source under GPL v2, feel free to make improvements.
[…]
One important note: unlike the macOS version, Little Snitch for Linux is not a security tool. eBPF provides limited resources, so it’s always possible to get around the firewall for instance by flooding tables.
Previously:
- Tahoe Won’t Unload Network Extensions
- Sequoia Network Extension Memory Leak
- Little Snitch 6 and DNS Encryption
5 Comments RSS · Twitter · Mastodon
You know, Framework now officially supports Ubuntu. You can order a computer with pre-loaded Ubuntu, and they test all upgrades.
Framework also has a 13.5-inch laptop that has battery life competitive with Apple, supports upgradeable LPCAMM2 RAM, has a touchscreen, and is completely repairable. And it has ports! Oh, and it also looks really good.
Just putting that out there.
I'm seriously considering getting a 13 Pro... I have a MacBook Pro currently, but am slowly losing my desire to continue using macOS. My CachyOS desktop setup has been great! Other than the one time I borked my drivers and had to roll back to a snapshot, which was seamless.
Yeah, I don’t need a laptop (M1 Macbook has been serving my needs pretty well), but I couldn’t help but pre-order a Framework 13 Pro. I’ve been wanting to bring Linux into the house ever since Apple started pandering to the wannabe fascists in power and Windows entered its AI-driven death spiral (not that I expect it to actually die; just died for me), and it’s incredibly impressive to me that Framework not only is making laptops that can be upgraded piecemeal, but that they actually put in the work to allow their 5-year-older 13 laptop to integrate most of the improvements despite the change in chassis. Love a company willing to swim upstream for its values.
Funny, I was in despair over Tahoe and the future of macOS and started to tinker with Linux. I recently installed Arch with Niri on a several years old Thinkpad and it's made computers fun again in a way I haven't felt with the Mac in several years. I'm seriously considering a Framework laptop for my next computer.
One thing I missed was Little Snitch and it's great to see a Linux version... I'm installing it now.
Interesting choice, though an understandable one, to use the EBPF VM for implementing this. Personally I'd really prefer Linux (and the world in general, but FOSS especially) not to need any kind of packet filtering or application firewall. But, so long as we have need of one, it's good to see the premier option on any platform turn its attentions to Linux, even if only a little bit.
