I feel like macOS has been going the direction of iOS, increasingly locking things down and pushing to a walled garden world. What’s the chance that the next major update or two make changes that prevent utilities from having the access they need to provide these power user capabilities?
There are actually two default firewalls. The firewall that's configurable in the UI can only block inbound connections but not outbound connections. The other firewall (pf) doesn't have the concept of an application, so one cannot allow one app to access a remote IP but block another, and I also don't think it supports DNS.
As others have indicated, LuLu (like Little Snitch) notifies you when your machine is initiating an outbound connection and lets you grant or deny permission and set up a persistent rule for that app/connection.
https://objective-see.org/products/lulu.html