Excellent product, but needs some kind of rule sharing feature. There are so many network requests from different components that it can be overwhelming knowing what to allow.
Definitely agree. I like the idea of it, but when I installed it for the first time and rebooted, it fired off so many confirmation requests for various cryptic services I had no idea what they were, I removed it just as soon as I'd managed to click through them all.
Little Snitch is noisy AF for the first day or so, but that's also kind of the point, right? You're running it because you want to know which apps are doing what. Those first sessions are enlightening. Wow, my laptop talks to all the things! That drops very quickly, though, as you tell it "yes, allow Slack to connect to" and "no, don't let Safari talk to sketchy.ru:8765".
I still get the occasional popup, but now they're limited almost exclusively to newly installed apps that I'm running for the first time. That's still an eye-opener: no, I don't see a need for a calculator to connect to Google Analytics. Deny!
Except for gamed, of course. There's no rhyme nor reason to which hosts and ports it wants to talk to. If you ever want to hack a Mac running Little Snitch, call your process "gamed" and the own will allow it through (if they haven't already set "allow connections to any host and port because alert fatigue lol").
It definitely takes some time, effort, and research to get past this initial phase. In the future, I hope they explore more automation / semi-automation around system processes.
I used to use a competitor, https://www.oneperiodic.com/products/handsoff/. As far as memory serves, it had some kind of rule sharing, but I didn't like it at all (why would I trust rules made by someone else?)
One possible way to do this well would be displaying information about how many people blocked/allowed. Then maybe following the crowd if it is converged enough, e.g. ≥1k votes with ≥95% same decision. But, this might be technically and socially challenging (people who care about this level of privacy may not want to share their rules; you need to make sure that no malware developer can game the system; people need to trust in that).
Therein lies a dilemma: knowing what does what on macOS.
I just sit around watching log stream output and wonder why that JPEG is being 'processed' by Safari. But that's another story.