Three-way handshake bypassing Little Snitch

Christian on Little Snitch, Security — June 6, 2023

There has been some discussion recently about the bypassing of Little Snitch by the first datagram of a three-way TCP handshake. The facts: When a deny-rule for a domain is set in Little Snitch, and a TCP connection is made to that domain, a TCP SYN…

The Story Behind CVE-2019-13013

Christian on Mac, Security, Little Snitch, Developer — August 26, 2019

This blog post targets fellow software developers. It’s a story of how it could happen that we shipped a version of Little Snitch with a serious vulnerability and, more importantly, what we can learn from it. It all began with a security…

Archive