by jedisct1 3437 days ago
Little Snitch is a fantastic way for people to shoot themselves in the foot.

Most people using it have no clue what they are doing, block random things, and prevent software from working as expected. Not only can this make things less secure by breaking features such as automatic updates, it also makes developers' lives miserable by having to provide support to people running their software in a half-broken environment.

5 comments

Oh really! What about those malicious developers who want to snoop in and steal our data, or bloatware or ad-serving companies who just want to intrude in our system? Or what about Adobe, who runs a fucking system-level service to update a simple reader which I want to control when and how to update? One should be in absolute control of how the network and data is consumed, and that too clearly and transparently.
Yes!
Bad network connectivity blocks random things too; it seems reasonable to expect any supported application to cope.

I absolutely use Little Snitch to block automatic updates of some apps that try to download updates over port 80---I don't trust them to have gotten the authentication right. I'd rather manage those through Homebrew & Caskroom.

Bad network connectivity: 1) is not permanent 2) does not block connections to localhost
I agree with jedisct1

I have and use Little Snitch. It is an important part of my professional toolkit.

But I have run into quite a number of non-programmer, non-sysadmin users who have tried to protect themselves with Little Snitch only to break their computers.

I don't buy this argument. The canonical use case is to block a program from accessing the internet at all. It blocks updates, sure, but you still end up more secure if there's no network in or out at all. Local applications should be able to deal with running offline.
"Are you using a third-party firewall, such as Little Snitch? If so, please click allow all connections for our app so it can communicate with the server properly."
Or be very explicit in the verbiage: "We are unable to contact our update server. If you use a network blocking tool, please allow access to 'update.example.com'. We guarantee that no personal data is collected."