Improved handling of processes without code signature in Silent Mode. When there was a matching allow-rule for “Any Process” requiring a valid code signature, Little Snitch considered the unsigned process as case of likely tampering and inserted a high priority deny-rule. We now just skip the matching rule and act according to Silent Mode (allow or deny).
If the matching rule requires a particular code signature (from a particular developer), we still consider it as case of likely tampering and add a high priority deny rule. The process has been seen with a valid code signature before, so the code signature must have been removed.
It’s now possible to declare certain types of connections as “private”. The host and domain name information of such connections is then no longer displayed in Network Monitor. Instead, these connections will be summarized in a single “Private Connections” entry, showing only some total summary information.
You can declare connections as private either in Little Snitch Configuration or in Network Monitor. In Little Snitch Configuration, create a new rule and choose “Private” as the rule’s action (instead of Allow or Deny). In Network Monitor, right-click a process and choose “Make Connections Private”.
You can use this as a privacy measure, e.g. by creating a “Private Browsing” profile that contains a rule declaring all Safari connections as private. Note that creating such a rule does not affect previous connections that are already shown in Network Monitor. To remove previous connections, right-click them in Network Monitor and choose “Remove from List”.
Rule Groups are sets of rules that anyone can create and publish on their web server for others to subscribe to. Whenever changes to the rules are made by the publisher, subscribers receive these changes.
This is useful for providing automatically updating blocklists, distributing a common set of rules to multiple computers in a corporate network, or for app developers who want to provide a set of rules to their customers to make it work seamlessly with Little Snitch.
To let you test this feature we provide an example rule group. To subscribe to this group, open Little Snitch Configuration, choose New Rule Group Subscription from the File menu, and enter the following URL:
You can find more information about subscribing and publishing in the documentation chapter Rule group subscriptions.
In Little Snitch 4 we’ve introduced a new Internet Access Policy (IAP) standard, allowing third party app developers to bundle a policy file with their application containing information about the Internet connections their program is about to establish.
This gives developers the opportunity to describe the purpose of these connections, why they are necessary and why it’s recommended or necessary to allow them.
With Little Snitch 4.0.4 we’ve extended the policy format to allow providing dedicated information about potential consequences when denying a particular connection.
Whenever you choose to deny a connection via Little Snitch — either in the connection alert or in Network Monitor — we now display that information helping you to make a better informed decision.
For improved privacy the Little Snitch configuration file is now stored in an encrypted format. When switching to the encrypted format, a backup of the old, unencrypted configuration file is made. If you prefer to have only encrypted configuration files stored on disk, we recommend to remove any unencrypted backup files. Their filename contains a date and timestamp, and they are located in the following folders:
/Library/Application Support/Objective Development/Little Snitch/ ~/Library/Application Support/Little Snitch/
To open these folders you can use Finder’s Go to Folder… command (⇧⌘G).
Since this version stores all configuration files in encrypted format, previous versions cannot read them. If you downgrade, all your rules and preferences are lost. In order to prevent data loss, this version makes a backup of your configuration at
/Library/Application Support/Objetive Development/Little Snitch/configuration_<dateandtime>.xpl before encrypting. Previous versions can restore from this backup via Little Snitch Configuration > Rules > Import from Backup….
Alternatively, you can make a backup of your configuration even in the new version (via Little Snitch Configuration > Rules > Backup…) and restore it after downgrading. Backups are not encrypted in order to keep them backward-compatible.