Comment by cxr

7 days ago

The Wikipedia page for Little Snitch indicates that it's written in Objective-C. Is that still the case? Before going with the new implementation, did you attempt (or consider) to port the current codebase (using e.g. Cocotron or GNUStep libraries)? If so, how good or bad of an experience was that?

Why is Little Snitch for Linux™ so hard to find from the company homepage[1] and the product page from the legacy app[2]?

Did the fact that you knew it was going to be made partially open source factor into your decision to develop a new, JS-and-DOM-based UI rather than having build targets for a shared, cross-platform codebase? (E.g. so that you wouldn't end up disclosing the source for the proprietary Mac version?)

1. <https://obdev.at/index.html>

2. <https://obdev.at/products/littlesnitch/index.html>

4 comments

cxr

Reply
cxr  7 days ago

Intentionally not edited to add:

Why are you using minified dependencies (like uPlot.iife.min.js[1] and uPlot.min.css[2]) for a desktop application?

uPlot is also open source (released by Sorokin under MIT), but why aren't you following the terms of its license[3]?

1. <https://github.com/obdev/littlesnitch-linux/blob/main/webroo...>

2. <https://github.com/obdev/littlesnitch-linux/blob/main/webroo...>

3. <https://github.com/leeoniya/uPlot/blob/master/LICENSE>

  • littlesnitch  6 days ago

    Sorry, I overlooked that. I actually checked the license only to the point whether we can include it without other obligations and then downloaded what was offered as a download on either the web site or github, can't remember. I decided for the minified version because it's smaller. That's the purpose of minification, after all.

    It's somewhat strange that they require the license to be reproduced in every copy, but then offer a download without it. But anyway, I'll prepend the license to the next public release.

    Thanks for pointing that out!

    • cxr  6 days ago

      > I decided for the minified version because it's smaller. That's the purpose of minification, after all.

      Mm... the purpose of minification, when it's not (also) being used for obfuscation purposes, is tied directly to the execution model of Web apps—constraints that don't apply for desktop applications (even if they are implemented in e.g. the same programming language or using the same or a similar runtime).

      App makers and browser extension developers who shoehorn all of the (frankly already very bad or at least questionable) "best practices" associated with the tooling that was created to deal with creating/maintaining/delivering SPAs and other browser-based products into applications loaded from disk are just fundamentally not thinking things through.

      For a security-sensitive application like this one, where a show of nothing-up-the-sleeve is only a benefit, one should expect there to be _no_ minified blobs in use.

littlesnitch  6 days ago

I'll post in our blog about the development background later. The Linux version shares no code with the Mac version. Only concepts. It's written in Rust and JavaScript (for the Web UI).

Our site is primarily aimed at Mac users, and most visitors skim rather than read carefully. If the Linux package were more prominent, Mac users would likely click it, struggle to install it, and blame us for the confusion.

And regarding your third question: No. The decision was made when I wanted to run it on our headless servers.