v4.0 [Jun 15, 2017]
- Introduced a new Internet Access Policy (IAP) standard, allowing third party app developers to bundle a policy file with their application containing information about the Internet connections their program is about to establish. This gives developers the opportunity to describe the purpose of these connections, why they are necessary and why it’s recommended or necessary to allow them.
- Extended the policy format to allow providing dedicated information about potential consequences when denying a particular connection.
- Whenever you choose to deny a connection via Little Snitch — either in the connection alert or in Network Monitor — now displays that information helping you to make a better informed decision.
- Little Snitch now includes Internet Access Policies for several Apple processes shipped with macOS.
- Fixed an issue with localized IAP files.
- Added support for Markdown-style links.
- Blocked connections are now indicated in the map with a red flashing connection line.
- Significantly improved performance when handling large amounts of connects.
- Improved performance in case of large file downloads.
- New action: “Show Recently Used Rule(s)”. Accessible by holding down the Option key while right-clicking a line in the list.
- Fixed an issue causing heavy flickering of the map during zooming or panning on macOS 10.13 High Sierra.
- Fixed locations on Little Snitch Network Monitor’s map being drawn too large on macOS 10.13.
- Fixed: The menu bar did not respond immediately after opening the Network Monitor window.
- Fixed: Network Monitor no longer flashes connection lines that are currently invisible due to filtering.
- The data rate display in the inspector pane now respects the Bits/s vs. Bytes/s user preference.
- The experimental “Handle Connection Attempts in Monitor” preferences option has been removed.
- Fixed an issue that could incorrectly lead to a connection alert indicating a code signature mismatch between a running process and an existing rule.
- Fixed an incorrect message “Incoming Connection Denied due to invalid code signature” being shown, usually for the process netbiosd.
- Improved a confusing code signature mismatch message in connection alert when the bundle identifier of the connecting app changed.
- When a rule is created using the connection alert’s “Deny Any Connection” button (only shown in case of a code signature mismatch or an invalid code signature), that rule is now permanent instead of “Until Quit”.
- Fixed an issue where a deny rule labelled “override due to code signature issue” could inadvertently be turned into a permanent allow rule.
- Fixed an issue where the connection alert would show that an XPC process’ parent app had no code signature. This would happen when the parent app was already terminated at the time when the XPC process tried to establish a connection.
- Improved handling and presentation of code signature issues.
- Improved help text of rule suggestions covering multiple connection attempts.
- Improved handling of incoming ssh connections.
- Improved handling of denied incoming connections.
- Improved display of connection alerts on small displays.
- Improved creation of diagnostics reports.
- Improved protection against malware attempting to modify Little Snitch.
- Improved reliability of showing connection alerts in cases where a process only opens a connection, but never actually sends or receives any data.
- For improved privacy the Little Snitch configuration file is now saved in an encrypted format.
- Fixed a vulnerability where the process name in Little Snitch Configuration’s rule inspector could be constructed to execute as a shell command. Security impact: If users follow malicious instructions, they can enter a text string in Little Snitch Configuration which is unexpectedly executed in a shell under the user’s privileges. Not exploitable from remote or by local processes.
- Added a preference option allowing to choose whether OpenVPN remote servers should be distinguished or not.
- Added “Port 22 (SSH)” to the port popup list in the rule editor of Little Snitch Configuration.
- Due to a bug in macOS, applications may hang for a while when they attempt to show animated graphics. Little Snitch detects when important components stop responding and used to generate diagnostics info. Since this further slowed down the machine, we no longer generate these diagnostics and simply restart the affected component.
- Fixed a rare kernel panic.
- Fixed an issue when choosing the “Once” option in the connection alert.
- Fixed an issue related to handling connections via VPN.
- Fixed a rare crash of Little Snitch Network Monitor that could occur when an app would use a network socket in an unusual, but still correct way. This could happen when using the PS4 Remote Play app.
- Fixed a kernel panic by making Little Snitch’s kernel extension more robust when other third party kernel extensions overwrite memory that belongs to Little Snitch.
v3.7 [Jun 16, 2016]
- Added compatibility with macOS 10.12 Sierra.
- Further improved Fast User Switching support.
v3.0 [Jul 30, 2012]
- Rules can now be created by dragging applications on Little Snitch Configuration's dock icon or on Little Snitch's status menu item.
- Network Monitor Snapshots are now displayed without traffic meters and server names in gray.
- If the "via" executable of a rule does not exist, the rule is now indicated as invalid.
- Fixed several bugs in detection of redundant rules (e.g. subdomains covered by domain rule).
- Improved generation of notes text for automatically created rules and suggestions.
- Changed preferences options beginning with "prevent" into their "allow" counterparts.
- Improved installer error reporting if updating boot caches fails.
- Installer/uninstaller offers a retry button now if the install / uninstall failed.
- Various other bug fixes and improvements.
It helps you prevent running apps from accessing the Internet.
Manage your personal network and block outgoing connections.
Figure out if unauthorized users are spying on you.
Basic IPFW firewall configuration tool for Mac OS X 10.5-10.6-10.7.
Default protection setting which applies to all unspecified services.