This version is a hot fix for version 4.4.1, which was released earlier today.
It turned out that the fix for a rare kernel panic introduced a new bug which also triggered a kernel panic. Sorry for the rapid succession of releases and the resulting system restarts!
If you have missed 4.4.1: Please don't overlook the security content of this release!
Version 4.4.0 fixed a vulnerability which allowed privilege escalation to root for any local user. However, in some situations computers were still vulnerable after the upgrade. This version addresses the remaining issue. Please upgrade before details of the vulnerability are published!
This vulnerability has been assigned the number CVE-2019-13014. More information will be made available later.
Little Snitch version 3 is not affected.
When Little Snitch detects possibly malicious program modifications in Silent Mode, it now shows its findings immediately in an alert. Previously, the modified program was denied network access silently.
This version fixes a vulnerability which allows privilege escalation to root for any local user. Please upgrade before details of the vulnerability are published!
The vulnerability has been assigned the number CVE-2019-13013. More information will be made available later, when most users have upgraded to the latest version.
Little Snitch version 3 is not affected.
Fixed a crash of Little Snitch Daemon when updating from Little Snitch 3 directly to Little Snitch 4.3.
This release contains changes in the following areas:
Little Snitch has a security mechanism that ensures rules are only applied to programs for which they were originally created. This is to prevent malware from hijacking existing rules for legitimate programs. To do that, Little Snitch must be able to detect whether a program was modified. How Little Snitch does that changes with this version.
Previous versions required a program to have a valid code signature in order to be able to detect illegitimate modifications later on. Programs without a code signature could not be validated and Little Snitch warned accordingly. The focus was therefore on a program’s code signature.
Beginning with version 4.3, Little Snitch can always check whether a program has been tampered with, even if it’s not code signed at all. The focus is now on checking for modifications with the best means available. That is usually still the code signature but for programs that are not code signed, Little Snitch now computes a secure hash over the program’s executable. (There’s still a warning if a process is not signed, but only to inform you about a possible anomaly.)
This change leads to a different terminology. When editing a rule, Little Snitch Configuration no longer shows a checkbox titled “requires valid code signature” but instead one that is titled “check process identity” (or if the rule is for any process: “apply to trusted processes only”).
Instead of a “code signature mismatch”, Little Snitch’s connection alert now informs that “the program has been modified”.
In cases where Little Snitch detects such a modification, it now also better explains the possible underlying cause and the potential consequences.
For more information see the chapter Code identity checks in the online help.
This version uses a new format with speed and size improvements for the configuration file in which the current rule set and the preferences are stored. This new file format is not compatible with older versions of Little Snitch, though. When updating to Little Snitch 4.3, the old configuration file is left untouched in case you want to downgrade to a previous version of Little Snitch. All changes made in Little Snitch 4.3 or later are not included in the old file, of course. Note that backup files created using File > Create Backup… in Little Snitch Configuration use the old file format and are therefore backward-compatible with previous versions of Little Snitch.
Improved handling of processes without code signature in Silent Mode. When there was a matching allow-rule for “Any Process” requiring a valid code signature, Little Snitch considered the unsigned process as case of likely tampering and inserted a high priority deny-rule. We now just skip the matching rule and act according to Silent Mode (allow or deny).
If the matching rule requires a particular code signature (from a particular developer), we still consider it as case of likely tampering and add a high priority deny rule. The process has been seen with a valid code signature before, so the code signature must have been removed.
It’s now possible to declare certain types of connections as “private”. The host and domain name information of such connections is then no longer displayed in Network Monitor. Instead, these connections will be summarized in a single “Private Connections” entry, showing only some total summary information.
You can declare connections as private either in Little Snitch Configuration or in Network Monitor. In Little Snitch Configuration, create a new rule and choose “Private” as the rule’s action (instead of Allow or Deny). In Network Monitor, right-click a process and choose “Make Connections Private”.
You can use this as a privacy measure, e.g. by creating a “Private Browsing” profile that contains a rule declaring all Safari connections as private. Note that creating such a rule does not affect previous connections that are already shown in Network Monitor. To remove previous connections, right-click them in Network Monitor and choose “Remove from List”.
Rule Groups are sets of rules that anyone can create and publish on their web server for others to subscribe to. Whenever changes to the rules are made by the publisher, subscribers receive these changes.
This is useful for providing automatically updating blocklists, distributing a common set of rules to multiple computers in a corporate network, or for app developers who want to provide a set of rules to their customers to make it work seamlessly with Little Snitch.
To let you test this feature we provide an example rule group. To subscribe to this group, open Little Snitch Configuration, choose New Rule Group Subscription from the File menu, and enter the following URL:
You can find more information about subscribing and publishing in the documentation chapter Rule group subscriptions.
In Little Snitch 4 we’ve introduced a new Internet Access Policy (IAP) standard, allowing third party app developers to bundle a policy file with their application containing information about the Internet connections their program is about to establish.
This gives developers the opportunity to describe the purpose of these connections, why they are necessary and why it’s recommended or necessary to allow them.
With Little Snitch 4.0.4 we’ve extended the policy format to allow providing dedicated information about potential consequences when denying a particular connection.
Whenever you choose to deny a connection via Little Snitch — either in the connection alert or in Network Monitor — we now display that information helping you to make a better informed decision.
For improved privacy the Little Snitch configuration file is now stored in an encrypted format. When switching to the encrypted format, a backup of the old, unencrypted configuration file is made. If you prefer to have only encrypted configuration files stored on disk, we recommend to remove any unencrypted backup files. Their filename contains a date and timestamp, and they are located in the following folders:
/Library/Application Support/Objective Development/Little Snitch/ ~/Library/Application Support/Little Snitch/
To open these folders you can use Finder’s Go to Folder… command (⇧⌘G).
Since this version stores all configuration files in encrypted format, previous versions cannot read them. If you downgrade, all your rules and preferences are lost. In order to prevent data loss, this version makes a backup of your configuration at
/Library/Application Support/Objetive Development/Little Snitch/configuration_<dateandtime>.xpl before encrypting. Previous versions can restore from this backup via Little Snitch Configuration > Rules > Import from Backup….
Alternatively, you can make a backup of your configuration even in the new version (via Little Snitch Configuration > Rules > Backup…) and restore it after downgrading. Backups are not encrypted in order to keep them backward-compatible.