> ...my primary line of defence is AdGuard Home. By handling privacy at the DNS level...
To each their own, I guess, but that would be a hard pass from me. One example from mobile: FF on android keeps trying to connect to its various services (like firefox.settings.services.mozilla.net). For privacy reasons, I use NetGuard to block this and other similar domains. But there is a gotcha: there are sites (like seekingalpha.com) who refuse to load if access to these same domains is blocked - even on a completely different browser! With NetGuard I can still visit those sites in the secondary browser while blocking Mozilla tracking. With DNS blocking I wouldn't be able to do that.
last thing in the world i want is to install proprietary software on linux. even less so is something meant to be security software and interacting directly with my network stack.
> But I currently can't make the entire project Open Source. My other option would be to keep it completely private (wrote it mostly for myself in the first place).
> I think it's still better to make it public and only partially Open Source so that some people can benefit from it. If you don't trust us, that's completely reasonable, just don't install it.
One nice thing about LittleSnitch on linux is that it comes with a web UI by default. Is there anything like that for headless systems using OpenSnitch?
I get the appeal; the Little Snitch UI is undeniably shiny. But for the headless Linux nodes in my Proxmox setup, I’ve never really felt the need for a proprietary dashboard just to see my network state. I’d much rather export my logs to something like Grafana or just check my AdGuard dashboard at the edge. It feels more "Linux" to keep the tools transparent and open than to invite a mystery binary onto my system just for the sake of a pretty graph.
> ...my primary line of defence is AdGuard Home. By handling privacy at the DNS level...
To each their own, I guess, but that would be a hard pass from me. One example from mobile: FF on android keeps trying to connect to its various services (like firefox.settings.services.mozilla.net). For privacy reasons, I use NetGuard to block this and other similar domains. But there is a gotcha: there are sites (like seekingalpha.com) who refuse to load if access to these same domains is blocked - even on a completely different browser! With NetGuard I can still visit those sites in the secondary browser while blocking Mozilla tracking. With DNS blocking I wouldn't be able to do that.
Glad you also talk about OpenSnitch. It is critical to have it installed.
OpenSnitch and PiHole are simply a must on every network.
Can you elaborate on ideal pairing?
for folks on the mac, Lulu has been a great option too. https://github.com/objective-see/LuLu
objective-see is carrying an immense weight for Mac users
Security: BlockBlock, KnockKnock, RansomWhere...
System/Productivity: TaskExplorer...
Yes times 4
last thing in the world i want is to install proprietary software on linux. even less so is something meant to be security software and interacting directly with my network stack.
See "Little Snitch for Linux" https://news.ycombinator.com/item?id=47697870
Also:
> Little Snitch is not there to replace OpenSnitch. It's just an additional option you can choose from. Some people might prefer it, others not.
https://news.ycombinator.com/item?id=47701918
> But I currently can't make the entire project Open Source. My other option would be to keep it completely private (wrote it mostly for myself in the first place).
> I think it's still better to make it public and only partially Open Source so that some people can benefit from it. If you don't trust us, that's completely reasonable, just don't install it.
https://news.ycombinator.com/item?id=47701740
How anyone could trust OpenSnitch is beyond me.
Please elaborate
One nice thing about LittleSnitch on linux is that it comes with a web UI by default. Is there anything like that for headless systems using OpenSnitch?
I get the appeal; the Little Snitch UI is undeniably shiny. But for the headless Linux nodes in my Proxmox setup, I’ve never really felt the need for a proprietary dashboard just to see my network state. I’d much rather export my logs to something like Grafana or just check my AdGuard dashboard at the edge. It feels more "Linux" to keep the tools transparent and open than to invite a mystery binary onto my system just for the sake of a pretty graph.