Fixed yet another issue causing a Connection Alert indicating an internal error related to a code signature mismatch from being shown. We are carefully optimistic that this issue is now fixed for good.
Fixed an issue where scrolling in Little Snitch Network Monitor’s inspector would not work.
For hostnames that end in .local, the Connection Alert will now create host rules, not domain rules. These rules worked as intended, but it makes more sense to create host rules instead.
Internet Access Policy
Developers can now specify their name that will be shown to users as the source of the IAP information. Little Snitch used the name as defined in the code signing certificate until now, but this will not work for apps downloaded from the App Store. See the specification of keys for details.
Added support for Internet Access Policy files written in JSON format (in addition to the Property List format). See section File format for more information.
Added support for Internet Access Policy files embedded in XPC services. See the section Support for XPC services in the developer documentation for details.
December 20, 2017
Little Snitch 4.0.5 nightly (5112)
The Connection Alert now points out if a connection is to or from the local network and offers a new option to create a rule for “Only local network”. This was possible in Little Snitch Configuration, but now you can do this in the Connection Alert, too.
Fixed Little Snitch Network Monitor sometimes showing incorrect hostnames for incoming UDP data. Note that only the names shown were incorrect – the network filter and rules were not affected by this.
Internet Access Policy
Fixed an issue where developers testing the Internet Access Policy in their apps would not see up-to-date information in Little Snitch, specifically in localizations. Cache invalidation is hard.
For the source of the information, Little Snitch now shows the developer’s name without the country. For example, it’s now “Objective Development”, not “Objective Development, AT”.
December 12, 2017
Little Snitch 4.0.5 nightly (5108)
Fixed a kernel panic introduced in Little Snitch 4.0.4 that would occur when a single process established more than two billion outgoing connections.
Fixed multiple issues causing a Connection Alert indicating an internal error related to a code signature mismatch from being shown. One of the reasons was if another user had rules for a process that required a different code signature than the process actually had.
Fixed incorrect sorting of Time Machine Backups in Little Snitch Configuration’s “Import from Backup…” sheet.
A Connection Alert informing about a code signature mismatch is now shown even if “Silent Mode – Allow Connections” is active. This is to prevent processes with an invalid code signature from communicating even in Silent Mode.
If an app changes its bundle identifier in an update, Little Snitch will update any existing rules for that app if the new version is located at the same path and is signed by the same developer. Previously, a Connection Alert indicating a code signature mismatch was shown.
Clarified Connection Alert’s button label in case of a code signature mismatch from “Require New Code Signature…” to “Accept New Code Signature…”.
Improved alert when macOS blocks Little Snitch’s kernel extension from being loaded. It now opens the “Security & Privacy” preferences panel and switches to the “General” tab, where it must be allowed.
Prevented multiple notifications about incoming connections from the local network to processes without a code signature being shown. Details: In earlier versions, if “Ignore code signature for local network connections” is enabled (in Little Snitch Configuration > Preferences > Security), an allow rule for only the specific IP address of the connecting peer was created and a notification was shown each time this happened. With this change, an allow rule for any incoming connection for the local network will be created and only a single notification will be shown. Note that this does not change what connections are accepted, only how many notifications are shown.
Improved performance when duplicating a large number of rules in Little Snitch Configuration.
Double-clicking an unapproved rule in Little Snitch Configuration to show the rule inspector now only approves the rule if the inspector is closed with the “OK” button, not with the “Cancel” button.