I saw the news about Little Snitch coming to Linux via eBPF and Rust. On paper, it looks fancy. In reality, the backend is closed source.
Personally, I don’t see the point in installing a proprietary black box to monitor other black boxes. I’m sticking with my AdGuard Home setup and OpenSnitch for when I actually need to trace a binary.
I wrote up my thoughts on why I think this is a solved problem for most FOSS-first home labs.
Butbutbut the name has ‘open’ in it. How can this be?
(I worked on OpenUnix and OpenLinux, so I get it)