April 9, 2026

Open vs Closed: The Snitch Wars

Article URL →HN comments →

Little Snitch comes to Linux, but the core logic is closed source

Linux fans split: open-source purists vs shiny UI crowd

TLDR: Little Snitch arrives on Linux with a closed core, sparking a fight between open-source purists and users who like its polished web dashboard. Comments split between "keep it FOSS with OpenSnitch + Pi‑hole/AdGuard" and "it’s just another option," with trust and transparency at the heart of the debate.

Little Snitch just landed on Linux, and the comments immediately went DEFCON 1. On paper it’s shiny—under‑the‑hood speed tech and safety‑first Rust, plus a slick web dashboard. But the twist? The “brain” that decides what to block is closed. Cue FOSS (free/open‑source software) sirens.

In one corner, purists yelling “no black boxes on my penguin!” One user snapped, "the last thing I want is proprietary software on Linux," while others piled on with OpenSnitch (the open‑source alternative) and Pi‑hole/AdGuard Home as the team‑up that already keeps their networks quiet. roscas led the chorus: "OpenSnitch and PiHole are a must." Another joked we’re "installing a snitch that won’t snitch on itself."

In the other corner, the pragmatists: "It’s just another option," said a link‑dropper to the HN thread, pointing out some might simply want the polish and web UI. One commenter loved the out‑of‑the‑box dashboard and asked if OpenSnitch has something similar for headless boxes. Then a bomb was lobbed: "How can anyone trust OpenSnitch?" And just like that, the trust fight flipped.

The vibe? Snitch Wars: open vs closed, ideology vs convenience. The community’s punchline: if a security tool won’t let us look under the hood, it’s not invited to the LAN party.

Key Points

  • Little Snitch has been ported to Linux and uses eBPF for kernel-level monitoring, is written in Rust, and includes a web UI.
  • The port’s core decision-making logic is closed source, with only parts of the project open.
  • The author rejects proprietary security tools and prioritizes fully auditable software for network control.
  • The author’s primary defense is AdGuard Home for DNS-level, network-wide blocking deployed on Proxmox infrastructure.
  • For application-level monitoring, the author uses Wordfence and prefers OpenSnitch as an open-source Linux firewall.

Hottest takes

"OpenSnitch and PiHole are simply a must on every network" — roscas
"How anyone could trust OpenSnitch is beyond me" — melon_tusk
"last thing in the world i want is to install proprietary software on linux" — kelsey98765431

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.