Hacker News | ianmf's comments

I owned several versions of Little Snitch too. It started to be annoying when you had to approve each request, especially when running command-line scripts. Then I moved to run in silent-approval mode. At that point, there was no reason to have LS any longer, so I uninstalled it. Haven't used it in years now. But not to discredit LS, it is an amazing software when you need it.


LS is beyond annoying for the first couple of days on a new computer. "Do you want to connect to gmail.com on port 443? What about kagi.com on port 443? What about your employer on port 443? Mind if Weather.app checks the weather?" After a couple of days, I have blanket rules like "allow Safari to connect to any host :443, except for googleadservices.com because nah".

It quickly tapers down to alerting about rare new connections, which is when it becomes hugely useful. RandomTool.app normally connects to cloud.randomtool.xyz. Why is it suddenly asking to connect to exfiltrate.ru?


> But not to discredit LS, it is an amazing software when you need it.

Yes! I perhaps didn't make this as clear as I should have. Little Snitch is fantastic software, no question. I'm just not sure that most people need it, I think a custom local firewall was always a bit of a power user tool, and nowadays with security being so much better than 20+ years ago, firewalls on personal machines just feel like an outdated concept to me.


Which command-line scripts are you using that much, other than curl/npm etc.?

Thanks.


I used their software when I was a Windows user. Simple GUI, and functional.

This is similar but for Mac.

https://objective-see.org/tools.html


I've found LuLu and OverSight to be useful. Application firewall and camera/mic monitor, respectively.


It's the same company that keeps getting breached over and over. Does this really surprise you?


I share the same feeling with smitty1e. But I have to admit, my military experience, GI Bill, and security clearance opened many doors for me. As you put it, it gave me a major leg up in life. I would make the same choice again unless I had better opportunities.


You could print them and store them in a safe, or in your parents' collections of old embarrassing photos of you. Just an idea.


These devices are funded by government/school systems. When you receive them, you have to sign a TOS or user agreement, which highly likely contains verbiage similar to "This device is subject to monitoring". This is the magic statement; it notifies you that they could be watching, and you are aware and agree to the search.

The consent banner is typically mandatory on all government IT systems. Here is the one for the DOD: https://dso.dla.mil/


I vaguely recall some (possibly apocryphal) story about someone who beat criminal charges back in the early days of computing by arguing that since the equipment they hacked into did not have such a banner, it was clearly intended to be for public use.


They probably cut market research funding to obtain that $300M.


They retained McKinsey to forecast adoption, bet that wasn't cheap.


Inverse to the number of subs


IIRC from my military time, the first generations of the Patriot missiles (PAC-1, PAC-2) were designed to explode when in the vicinity of the target. The PAC-3 missile was the first to introduce kinetic damage before the payload would explode.


This is correct. The Patriot was an anti-aircraft missile that was retrofitted to kinda sorta be adequate for ballistic missile intercept. It was a proverbial dancing bear -- it was impressive that it worked at all, never mind that it wasn't very good.


It depends on how you define top-tier hackers. State-sponsored attackers (hackers with ties to governments, regimes, etc.) have a lot more capital at their disposal. Sometimes they work inside government-funded facilities. They could use Matrix, Signal, forums, IRC, for chat. Browsing usually comes down to preference, but a hardened version of Firefox is preferred. OS, whatever they want. Usually you would attack from a custom distro or a Kali box. These hackers are well funded.

Lone hackers, they would probably use Tor, Signal, Tails, Kali, to remain anonymous online but have the tools necessary. The most important thing for them to stay anonymous is to have jumpboxes. You would use stolen credit cards or gift cards to rent a VM from a host like Linode or Digital Ocean, and use that system to proxy the attacks. You can add any number of jumpboxes to make it harder to track the origin of the attack.


This is the closest to correct. There are some other valuable things state level threat actors have at their disposal.


Or you just buy proxies from botnet herders with anonymous crypto.


I have not received an email from Google about the changes. It led me to think that it is for accounts that have more than 1 active user. I have a G Suite Legacy with 1 account only. The change makes sense to block companies from abusing the free legacy version. However, Google should allow users to downgrade to 1 account or migrate the data to Gmail accounts.

