Little Snitch Vs Handsoff
Sep 29, 2008 Looks to have a lot of extra features than Little Snitch & is cheaper too. I am very happy with the way Little Snitch works, but 'Hands Off!' Does have some useful extras included. Will ODev be including these features soon? Hello Hands off! And Little Snitch are 2 useful software to control applications access to the network. However they only run on Mac OS. What's the best equivalent for Windows 10? If you are new to Little Snitch, you may get overwhelmed by the vast amount of notifications from applications wanting to connect to the Internet. The all-new Silent Mode was re-built from the ground up to make dealing with them a breeze. It lets you silence all notifications for a while, and make all your decisions later. Jun 03, 2014 Hi, Personally I think Little Snitch is the best you can get for OS X, a least in the 'nice GUI and easy to use' category. HandsOff is quite decent also, though I do prefer LS overall. On the more advanced side you have IceFloor and PFLists by Haynet, which take a good deal more networking understanding. 'Better' is a subjective term.
Bypass alerts of Little Flocker / Little Snitch / HandsOff! / BlockBlock (same concept can be applied to other security tools).
Description: This PoC is using a simple yet powerful trick to detect when Little Flocker, Little Snitch, HandsOff! or BlockBlock window appear then automatically click on the 'Allow' button by calculating the distance (so it works pretty well on every resolution). The window only appear for a fraction of second.
To use it, just run ./Unsecure-Release then do what you want!
This PoC works against Little Flocker, Little Snitch(Even with GUI scripting disabled), HandsOff! and BlockBlock. It's easy to implement new detection mechanism!
Auto tune efx trial key. Vulnerable version of HandsOff!: <= 3.2.1
Vulnerable version of BlockBlock: <= 0.9.4
Hands Off Vs Little Snitch
Vulnerable version of Little Snitch: <= 3.7.1
Vulnerable version of Little Flocker: <= 1.3.0
(Note: macOS already have built-in mitigation (see https://twitter.com/pwnsdx/status/812653042898243584) for this kind of attack but are not yet implemented by these security softwares)
Timeline
Little Snitch Discount
16 Aug: HandsOff! patched the issue (quite lately but better late than never) so please update as well!
16 Jan: Objective-See deployed a fix for BlockBlock. You should update asap.
4 Jan: Objective Development deployed a fix for Little Snitch. Please ensure it is updated to 3.7.2.
25 Dec: Little Flocker author (@JZdziarski) fixed the issue for both privileged and unprivileged users regarding mouse events and only unprivileged keyboard events (unfortunately he was unable to fix root keyboard events), see https://www.littleflocker.com/downloads/CHANGELOG. He also added TouchBar support 'only' to Deny/Allow which is immune to this attack.
23 Dec: This repository is made public