Comment by sly010
9 years ago
Exactly. Firewalls like Little Snitch primarily filter traffic primarily based on the binary initiating the connection, and only secondarily based on the target port or address. When little snitch pops up the 10th time in 30 seconds, you will just approve all traffic from your browser, so using the browser to send all traffic is great way to avoid being caught.
As for what "injecting into little snitch" means, it could either mean injecting code into little snitch, because little snitch probably doesn't filter itself OR injecting a rule into little snitch.
Little Snitch does filter itself, but the Allow rules are there by default. I remember on a previous version, one of the steps to pirate LS was adding a rule to block it from connecting to it's servers.
They've added internal protection against this in recent versions.
Casually browsing the archive, I saw something related to injecting payloads into OSX applications. The application that did this required the latest version of XCode to compile, according to the installation and build docs.
Are you suggesting that this indicates recent activity on the project?