Developer also recommended (tongue-in-cheek) to use Microsoft's built-in encryption services (easily defeated) in his outgoing blogpost — perhaps because he was barred from explaining the real reason for project's cancelation.
And of course Faulkner (The Sound and the Fury) and McCarthy (Suttree).
I'm not a big fan of William (he definitely has place in history), but Cormac is best fiction author alive in my lifetime (Steinbeck is best of 20th Century).
This will reduce the healthcare expenditure, per capita.
A great counterexample would be the USA — which despite the highest global expenditure, per citizien, has among the lowest life expectancies / healthcare outcomes.
The US does not have "among the lowest" life expectancy. We're just out of the top quartile. And that has less to do with the quality of American health care and more to do with obesity and sedentary lifestyles. I expect with the more widespread introduction of GLP-1 receptor agonists you're going to see a jump in American longevity.
Everyone in the US has access to healthcare. We have programs that cost little or nothing, depending on your income. Beyond that, we have EMTALA, which means the ER can't turn you away even if you never bothered to sign up.
Hal was likely part of the Satoshi team — even receiving the first ever bitcoin transaction (on the main blockchain).
Hopefully his children got to open extremely rewarding bankboxes, after his death (whether or not containing bitcoin — but likely so). If it were myself, I'd also keep quiet about such a miracle.
For my own meager holdings, I'll keep waiting (over a decade strong HODL, now).
Little Snitch is bound to the API provided by Apple. The NEFilterDataProvider API calls `handleNewFlow()` only after sending out the first IP packet.
Version 6 added DNS encryption and in principle we could filter lookups (similar to PiHole) at this level. That brings other issues, though: This filter is system-wide, so process-specific rules (and overrides) would not work. And results can be cached by mDNSResponder. So when a blocklist causes an issue, you may not be able to fix it by simply disabling the blocklist. But it's still something we consider.
I've been telling people about ya'll's DNS leaks for over a decade [3] — glad to finally hear back — most people won't believe me [0] until this flaw is demonstrated on their specific machine (easy enough). Those already using LittleSnitch will then typically set up better filtering (e.g. DNS white/blacklist, PiHole, et.alius).
And until the behavior is fixed, I will keep spreading the good word. Does the Linux version have this same flaw (i.e. backend requirements similar to Mac initial IP leak)?
----
A very neat product (LittleSnitch), but I stopped using it solely for above reason [1]. IMHO, this flaw should be better documented in your installer/docs.
[0] e.g. they'll lament "there is no way the developer would allow that sort of leak/behavior!" Their denial is a helluvadrug
[1] I had a 5-user site license, IIRC. Shortly after purchasing, I discovered above leakage so stopped using entirely [v3 user 33TEWP20B0-724KY-5XE522FEAC [2]]
[2] Go ahead and blacklist/cancel the above registration (it's a manyyearsold version, barely used) – my current mailing address is in my user profile (no longer use email/phone). Would love to help/feedback to make your product better. Would also love a refund (all these years later, on principle)
The eBPF filter in Linux Snitch decides immediately, so no TCP handshake leaks. But, as a consequence, we cannot inspect packet headers to verify the remote name and it's easier to trick it to show a false name. Little Snitch for Linux is not a security tool.
Please see my response to OD [I presume /u/littlesnitch is OD representative]. Nobody is disputing their "greatness" — I'm just criticizing a flaw in their approach to domain name filtering.
Hopefully OD will refund my original license (unused for many many many years, after I discovered this flaw). That would be good, in principle; good business. Hopefully OD will be more forthcoming in this vulnerability (or better disclose it) — or better yet: fix the unbelievable behavior.
No, I'm pointing out (against your initial claim) that OD's attention to detail might be lacking, here... at least they ought'a disclose the described/known vulnerability.
Instead, /u/LittleSnitch just commented elsewhere "Little Snitch is not a security tool" — interpret accordingly.
Do you understand that you can't redirect the question addressed to you to the devs if that question questions your own statement by pointing out that some important details are not attended to?
reply