Black Box Fears Clash with Feature Promises: Linux Privacy Tool Showdown Over Proprietary Code
Existing FOSS tools like OpenSnitch and Pi-hole are viewed as sufficient, creating systemic skepticism toward new proprietary blockers like Little Snitch for Linux.
The fight centers on code transparency. Misk argues fiercely that a security tool cannot contain any proprietary 'black box' code; for him, auditing the code path between binaries and the internet is a non-negotiable dealbreaker. Conversely, randomname pointed out the value in the tool's fine-grained blocking capabilities, even acknowledging the proprietary concerns. Other participants confirmed alternatives exist, citing Pihole and OpenSnitch as proven, functional replacements.
The community leans toward distrusting proprietary security software. While specific features attract users like randomname, the core guardrail—the insistence on auditable, open-source foundations—is upheld by critics like misk, showing that trust trumps polish in this security niche.
Key Points
Proprietary black boxes are unacceptable for core security functions.
misk stated, 'If I cannot audit the code that sits between my binaries and the internet, I am not interested.'
FOSS alternatives like Pi-hole and OpenSnitch meet functional needs.
yesman and the general consensus point to existing FOSS tools as viable alternatives.
Fine-grained control over connections is a major functional draw.
randomname stressed the utility of knowing exactly which apps connect and blocking specific domains/IPs.
Open source status does not equate to guaranteed security.
An anonymous commenter warned that even FOSS requires human review, meaning errors persist.
Mature open-source drivers exist for network monitoring at the gateway level.
Ch3rry314 noted that while firmware is tricky, Linux supports mature open source drivers for routing monitoring.
Source Discussions (4)
This report was synthesized from the following Lemmy discussions, ranked by community score.