Application firewalls

Spyware mitigation and bandwidth management

June 3, 2019 — April 10, 2022

computers are awful
macos
Figure 1

The Littlenitch pitch explains the concept:

As soon as you’re connected to the Internet, applications can potentially send whatever they want to wherever they want. Most often they do this to your benefit. But sometimes, like in the case of tracking software, trojans, or other malware, they don’t.

But you don’t notice anything, because all of this happens invisibly under the hood.

Application firewalls mitigate this problem on a per-application basis.

Note that one might also want to look at network firewalls which stop whole network protocols from doing stuff, and application sandboxes, which prevent other naughty behaviour by apps, e.g. accessing local files or devices or other services that they should not.

1 macOS

sfxedit advises when trying to moderate apps hogging limited bandwidth:

Use an Application Firewall to control what app on your mac connects to the internet.

Lulu is free and open-source. Radiosilence and TripMode are two other very affordable alternative app firewalls that are simpler to use than Lulu. Little Snitch and HandsOff are more advanced with more features (and hence costlier).

I have used LittleSnitch. It has many features and a nice UI. Recent extra recommendation: Vallum, which is drag-n-drop.

2 Linux

opensnitch is an open port of Little Snitch. It has dicey reviews but looks much better than nothin’.

Apparmor and sandboxing technology can probably be made to do this.