Glasswire Vs Little Snitch
Little Snitch is probably the best host-based application firewall solution for macOS app. I’ve been using it for quite a while but recently ditched it when I found a free alternative that equally works great.
If you’re using the free version of Little Snitch, you have to deal with the fact that it automatically quits after every three hours. To avoid this, you have to buy the full version. If you’ve been looking for a free Little Snitch alternative that works with macOS Mojave and previous macOS versions, Lulu is what you need.
Aug 11, 2015 Unlike Little Snitch, which lets you choose which domains and ports an application is and isn’t allowed to connect to as it attempts to make those connections, GlassWire only allows you to either allow all connections an application makes or deny all connections an application makes. Little Snitch is a host-based firewall application created for Mac and iOS devices that helps you know when your application is communicating online and allows you to deny or enable access accordingly. It is a complete tool that comes with all the leading tools and features to deliver all-in-one experience.
Unlike Little Snitch, Lulu is an open source software with its source code already on GitHub. This means that it’s not just free, but also anyone can contribute to its development.
Same approach to application firewall
Glasswire Vs Little Snitch 2
If you’ve been using Little Snitch before now, you shouldn’t have a problem using Lulu. Lulu uses the same approach to application firewall
After installing it, you can choose to allow all default Apple apps and existing third-party apps to connect to the Internet without confirmation.
Glasswire Vs Little Snitch Movie
The choice you make here depends on how you wish to use the program. Personally, I only allow Apple-signed programs to connect automatically, all third-party apps require manual confirmation to create rules.
Clicking the Block or Allow button determines whether the application will access the Internet or not. Checking the temporarily box makes the rule temporary for that specific program ID. It resets when you quit the app or restart your computer and the dialogue box will pop up again.
Just like Little Snitch, it has a panel where you can remove existing rules and add new ones manually:
Ever since I upgraded to macOS Mojave, I’ve been using the new system-wide dark theme which Lulu neatly blends in with.
For a free app, Lulu is incredibly well-built. It’s been about a week now and I haven’t encountered a bug. If you don’t want to spend a dime on a firewall app, this free little alternative is really worth trying. You can download it from the official website or take a look at the source code on GitHub.
LS4 has had a few private betas up until now, but it's in public beta at this point and some of the new stuff they've been working on is pretty interesting. Their main landing page has been updated for LS4 [1] and has a nice general summary of new features with screenshots, but trying to submit that link just goes back to the HN discussion on LS3 five months back [2]. The What's New is more detailed. I'm particularly curious how their improved Research Assistant 2.0 will turn out. They're making an effort to open it up and turn LS4 into a bit more of a platform, allowing 3rd party devs to make specific descriptive information available:>Third party developers can now bundle their apps with an Internet Access Policy file containing descriptions of all network connections that are possibly triggered by their app. Little Snitch will then display that information to users, helping them in their decision how to handle a particular connection. A description of the policy file format will be provided soon.
Research Assistant is a useful feature and at first blush this seems to have the potential to make it even better, assuming LS has enough market penetration to actually get more then a handful of devs to provide a description. The spirit of transparency is a good one too. One thing I wonder about though is how well they're prepared to deal with lying, because this seems like it could possibly open up a potential risk for social engineering. Can the developer of an application making a connection a power user would consider worth blocking actually be trusted provide their own description? If they do lie (directly or by omission) or even simply obfuscate about what it's doing, is Obdev up to policing that?
Having used it since version one though I'm excited about a lot of the new changes. I hope OpenSnitch and similar projects are inspired and vice versa.
1: https://www.obdev.at/products/littlesnitch/index.html
2: https://news.ycombinator.com/item?id=13443858