New Features

• This version runs on macOS Mojave (10.14). Please note that the new system-wide dark mode is not supported by Little Snitch yet.

Bug Fixes

• Fixed multiple issues that could lead to a Code Signature Alert showing an internal error. These alerts should be gone now for universal apps running in 32-bit mode and for Java apps.
• Fixed an issue that could lead to a crash of Little Snitch Daemon when launching a development build of an iOS app in the iOS Simulator developer tool.
• Fixed some texts in the connection alert not being localized correctly.
• Fixed an issue where a connection alert could disappear when the connecting process terminates.
• Fixed updates of subscribed rule groups always setting the creation date of rules to the date of the update. This would cause all rules in the group to appear in the “Last 24 Hours” filter after every update, instead of just the ones that were added or modified.

Improvements & Bug Fixes

• Renamed “Managed Rules” to “Rule Group” and “Rule Group Subscription”.
• Improved compatibility with Google Chrome.
• Improved Installer application to prevent malicious software from hijacking the installation procedure (Credit to Patrick Wardle for discovering this possibility).
• Fixed issues with Automatic Profile Switching when joining a new, yet unknown network.
• Fixed an issue in the connection alert in conjunction with terminated processes when the “Confirm connection alert automatically” preferences option was turned on.
• Fixed an issue causing VPN connections to be wrongly considered as local network connections due to an incorrect netmask of the P2P interface set by the IPSec client of macOS.
• Fixed an issue causing the connection alert to repeatedly switch between different, pending connection attempts.

Rule Group Subscriptions

Rule groups are sets of rules that anyone can create and publish on their web server for others to subscribe to. Whenever changes to the rules are made by the publisher, subscribers receive these changes.

This is useful for providing automatically updating blocklists, distributing a common set of rules to multiple computers in a corporate network, or for app developers who want to provide a set of rules to their customers to make it work seamlessly with Little Snitch.

To let you test this feature we provide an example rule group. To subscribe to this group, open Little Snitch Configuration, choose New Rule Group Subscription from the File menu, and enter the following URL:

You can find more information about subscribing and publishing in the documentation chapter Rule Group Subscriptions.

Other New Features and Improvements

• Improved display of inactive rules in Little Snitch Configuration. If a rule is inactive for whatever reason — either if it’s not enabled, if it’s part of a profile that’s currently not activated, if it’s in a rule group that’s currently not activated, or if the entire network filter is turned off — the rule is now consistently displayed with a gray text color.
• Focus Mode: Little Snitch Configuration has a new mode that allows you to focus on a specific subset of rules. Selecting one or more rules and then choosing View > Focus on Selected Rules or View > Focus on Rules Affecting Selection will focus on just the rules you want to see, while leaving the search field free for further filtering. Focus Mode is also used for revealing matching rules from the connection alert or Network Monitor (e.g. by right-clicking a connection and choosing Show Corresponding Rules).
• The rule groups “iCloud Services” and “macOS Services” can now be activated and deactivated using a checkbox next to their name in Little Snitch Configuration’s left sidebar (previously, these checkboxes could be found in the preferences window). This allows you to see what rules these sets contain before activating them.
• Profiles can now be activated and deactivated in Little Snitch Configuration’s left sidebar using a checkbox next to the profile.
• The special “Code Signature Issue Override Rules” that Little Snitch creates under certain circumstances can now be edited in Little Snitch Configuration just like normal rules. This should make it less confusing to deal with situations where an application is reported to have no valid code signature. See Code signature issues > Special Code Signature Issue Override Rules for more details.
• Connection alerts for applications that have an issue with their code signature now include direct links to the relevant section of the online documentation. The relevant chapter Code signature issues has been extended to provide much more details and examples for how Little Snitch behaves when an application without a valid code signature tries to establish a connection.
• Added support for the current version of the QUIC protocol. This fixes an issue with connections from Google Chrome, where the connection alert only showed the IP address instead of the hostname under some circumstances.
• In addition to checking that an application’s code signature is valid, Little Snitch now also checks the code signing certificate that was used to create the signature. Only certificates that were issued by Apple are currently accepted.
• Many more minor improvements.

Bug Fixes

• Fixed an issue where a connection alert could sometimes be shown despite an existing rule that allowed the connection. We observed this mainly with Google Chrome.
• Fixed an issue in “Silent Mode – Deny Connections” where incoming TCP connections would sometimes be denied despite an existing rule that allowed the connection.
• Many more minor bug fixes.