Sounds like that varies widely by person/use case. I’ve been using this software for a couple years at this point. I don’t have to update rules all that often (usually a few rules/week), and when I do, it’s usually a 10-30 second detour. The only time it takes more work is if I don’t know why something is trying to connect. But that’s exactly the scenario I’m targeting, i.e. calling attention to the weird looking connections.
My use cases are general productivity, development on side projects and a variety of software experiments, gaming, and some local AI stuff.
I also don’t see this as a ton of work. Rules are 99% pre-configured for you and all you have to do is choose the scope and duration of the rule and whether to reject or allow.
I’ll admit it’s annoying once in a while if there’s a major update to software that spawns a bunch of new rules, but once I get past the feeling of being annoyed, it’s really an extremely simple and quick process.
Really have to emphasize the habit creation part. After I stuck with it for a few weeks, it became second nature and I stopped getting annoyed for the most part. I consider this a worthwhile habit to build if you’re trying lots of code/libraries and want to know what’s phoning where.
In terms of time spent, that amounts to about one minute per week for me right now. Sometimes less.
The user experience is streamlined, and adding rules involves responding to a dialog that automatically pops up when a connection is attempted. UX is key here and this would be a very different story if you had to go into a separate rule management interface every time.
Regarding paranoia, I don’t see it that way. Supply chain attacks are alive and well, and if you’re running other people’s code on a regular basis, this is a low cost precautionary measure. I totally recognize that not everyone has the same risk profile or tolerance.
Generally I don't get many prompts day to day; if I do, it's because something has changed or I'm using a new application, and I find it comforting to know what's going on.
You can make rules based on host, process arguments, etc., so it's pretty flexible for allowing stuff you consider safe and staying out of the way.
Long ago I used ZoneAlarm on Windows and it's a pretty similar UX to that.
I still use firejail or Docker for anything that might be sketchy, but it's been super interesting seeing what trusted applications are doing. For example, I was a bit shocked that the GNOME calculator app was making network requests, but it turned out it was for currency exchange rates.
I have found it makes me less paranoid, which is good.
In using it for a while, I have only found a few pieces of software trying to access places I don't expect and don't approve of (quite a few more that I do expect, but don't approve of). And none of them seemed to be actively malicious, just misbehaved or poorly configured.
Genuinely curious: how/why does that seem too often? I truly don’t understand. Have you seen the user experience and what’s involved?
How do you feel about other common permission prompts, e.g. location, microphone, camera, share your screen, run as privileged user, etc? I appreciate being asked about those things and I put this in a similar category.
> Genuinely curious: how/why does that seem too often?
I want to work, not manage my workstation.
I don't mind configuring things, my dotfiles are the product of 25 years of tweaking. But having to tweak anything multiple times per day is not going to help me work, it is going to hinder my work.
Worth a shot! The first few days are by far the worst while all of the existing connections are accounted for, but things calm down quickly.
One thing I wished I knew sooner was that the square [+] button on the rule dialog opens more fields on the form for editing.
This makes it super easy to create a single wildcard rule, e.g. when timesyncd tries to hit an NTP server for the first time, I expand the autogenerated rule that pops up to include all subdomains like *.ntp.domain.tld so I don’t have to keep creating rules for the other NTP servers. I’ve gotten more efficient over time this way.