Latest update security changes make LS unusable from remote connection

General discussions about Little Snitch
solstone
Posts: 3
Joined: Thu Jan 19, 2017 9:37 pm

Latest update security changes make LS unusable from remote connection

Postby solstone » Thu Jan 19, 2017 9:44 pm

Hey guys, this is really annoying and it took me a bit to figure out that Little Snitch is the problem here. I often use Teamviewer to remote control a home computer when I am at work or other places. But with the latest update to Little Snitch, now when there is a Little Snitch popup asking for permission to connect to something I cannot click on the popup itself. I also cannot click on any of Little Snitch controls, or preference windows. I can click on and control everything else.

It appears as though the change you made to increase security around 'simulated clicks and keystrokes' actually breaks your own software.

Please advise. I have been a paid customer for a long time. I am now stuck with a popup I cannot click out of, presumably until I actually get home.

solstone
Posts: 3
Joined: Thu Jan 19, 2017 9:37 pm

Re: Latest update security changes make LS unusable from remote connection

Postby solstone » Thu Jan 19, 2017 10:01 pm

Looks like you guys hid this away in the FAQ:
Remote Access via TeamViewer or RealVNC doesn’t work!

In Little Snitch 3.7.2 we have improved protection against simulated keystrokes and mouse clicks to make sure that malicious software cannot change your firewall settings by simulating user interaction.

Unfortunately this also affects software that allows you to access your Mac remotely (like TeamViewer, RealVNC, etc).

If you do need remote access Little Snitch, you have to enable the “Allow GUI Scripting access to Little Snitch” option in Little Snitch Configuration > Preferences > Security.
------
You know what would have been helpful? Bringing this to my attention during the update instead of waiting for me to find out the hard way, while attempting to remote control my machine. I am now stuck and have no way to get unstuck until I can get home and change this setting.

Side note: Want to know how I found this in the FAQ? I was looking for instructions on how to uninstall LS. That is how angry I am at the moment. In future, please make your updates (which always require a reboot) a bit more verbose to save your paying users from this kind of annoyance.

john1
Posts: 1
Joined: Wed May 24, 2017 3:59 pm

Re: Latest update security changes make LS unusable from remote connection

Postby john1 » Wed May 24, 2017 4:08 pm

Hi,

I have two headless macs set up at home which I access remotely via Teamviewer and VNC. I don't have any monitors at home anymore, and I've just spent the last 15 minutes looking for my mouse, but can't find it!

Is there a way to turn this security setting off via the command line?

Many thanks,
John

tetsujin
Posts: 2
Joined: Fri May 17, 2013 9:54 pm

Re: Latest update security changes make LS unusable from remote connection

Postby tetsujin » Sun Jul 09, 2017 1:52 pm

Well, at least discovering this thread saves me from completely wasting my time trying to get into my machine 4000 miles away.
I'm locked out until I get back home.

I can see via Remote Tap (a VNC for iPhone) exactly which button to press to allow me in... but I can't press it.

Marvellous. Great. Thanks.

My plan, should anybody want to try it in future, was to by default deny `screensharingd`(because of the myriad hack attempts I see daily) which I have port forwarded to my desktop, Then, using Remote Tap which I also forward on a nonstandard port to the same machine, disable silent mode in LS, allow access to screen sharing from my current location using Remote Tap, then re-enable silent mode.

Personal 2FA... now sadly only sweet FA.

idf
Posts: 2
Joined: Mon Apr 27, 2009 6:34 pm

Re: Latest update security changes make LS unusable from remote connection

Postby idf » Sat Jul 15, 2017 4:28 pm

solstone wrote:You know what would have been helpful? Bringing this to my attention during the update instead of waiting for me to find out the hard way, while attempting to remote control my machine. I am now stuck and have no way to get unstuck until I can get home and change this setting.

Agreed. I'm wondering why both Teamviewer and Logmein suddenly can't press the buttons on LS dialog boxes when a change that has such an effect has no warning on the update. I'm now left with the choice between letting teamviewer connect to anything/any port just in case, or switching off the LS GUI option.

sergiorbp
Posts: 1
Joined: Thu Oct 26, 2017 5:55 pm

Re: Latest update security changes make LS unusable from remote connection

Postby sergiorbp » Thu Oct 26, 2017 6:11 pm

solstone wrote: I am now stuck and have no way to get unstuck until I can get home and change this setting.

This might not work for you or it might be already too late in your case but it might help others. If you have another mac (Mac#2) running TeamViewer and on the same network that can access the mac in question (Mac#1) via Apple's Screen Sharing you can use it to change the settings of Little Snitch. So you basically connect to Mac#2 via TeamViewer and from Mac#2 to Mac#1 via Apple's Screen Sharing. It is a little sluggish but it works and by the way, you don't need to restart Mac#1 to make the change effective.
Also if you have "Back to my Mac" available from your remote location I assume you can do the same thing but since my work's IT dept is blocking it somehow, I can only use TeamViewer.

i90rr
Posts: 7
Joined: Tue Oct 17, 2017 4:53 pm

Re: Latest update security changes make LS unusable from remote connection

Postby i90rr » Thu Oct 26, 2017 11:53 pm

tetsujin wrote:Well, at least discovering this thread saves me from completely wasting my time trying to get into my machine 4000 miles away.
I'm locked out until I get back home.

I can see via Remote Tap (a VNC for iPhone) exactly which button to press to allow me in... but I can't press it.

Marvellous. Great. Thanks.

My plan, should anybody want to try it in future, was to by default deny `screensharingd`(because of the myriad hack attempts I see daily) which I have port forwarded to my desktop, Then, using Remote Tap which I also forward on a nonstandard port to the same machine, disable silent mode in LS, allow access to screen sharing from my current location using Remote Tap, then re-enable silent mode.

Personal 2FA... now sadly only sweet FA.


Hold your ride, cowboy. Do you have SSH access enabled? If so, there might be a way be a way to get a remote GUI session running a VNC server from the command line...


Return to “Little Snitch General”

Who is online

Users browsing this forum: No registered users and 4 guests