
What is your threat model, and what type of traffic are you hoping to block?

I never claimed picosnitch to be a firewall. My use case involved running it on servers with a minimal OS where all applications are containerized. My goal was purely monitoring to see if any containers had rogue executables, and go from there.

Without the containers, it would be trivial for a malicious program to stop or modify picosnitch, and the same goes for firewalls hoping to block programs on Linux due to its security model [1]. You need to use some sort of sandboxing [2].

[1] https://madaidans-insecurities.github.io/linux.html#sandboxi...

[2] https://blog.privacyguides.org/2022/04/22/linux-application-...



I never claimed you claimed it. I was just pointing out the huge deficiency that makes picosnitch not an alternative to the broader use case Little Snitch supports. To sidestep the more complicated discussion re. how poor the security architecture of Linux is, let's limit that use case to blocking legitimate apps' connections for privacy reasons.


I apologize, that's a fair question given that I named it after Little Snitch. One reason I used the prefix pico is because it's extremely little, supporting only a subset of Little Snitch's features.

On Linux there are already a number of great apps for blocking legitimate apps' connections; however, they all still support only a subset of Little Snitch's features, and there wasn't one that offered the subset I provided with picosnitch. Which of those features you consider most important is subjective and dependent on your use case. I consider picosnitch a valid alternative and the core feature to be snitching on programs; the same goes for the new free tier of Little Snitch Mini.

Also like I said above, it is difficult to hash executables and block them without introducing delays the first time anything connects to the internet. If you're only concerned about blocking legitimate apps' connections you don't need them to be hashed since you can trust them not to do anything too nefarious. Personally this was more useful to me, since if I see an unexpected new program or hash during updates, or a new hash outside of updating my containers, I can intervene or have another script stop my containers and alert me. I also get some value from this on my desktop since I do all my development inside containers, and use another drive with Windows solely for gaming.
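The comment above describes two mechanics worth seeing in working form: hashing an executable costs a full read the first time it connects, so a monitor should re-hash only when the file itself changes, and a new hash is only a signal when it appears outside a known update. The block below is an added example written for this thread; it is not picosnitch's code and not the commenter's. It assumes a monitor that reports executable paths, a baseline kept as a dict of known hashes per path, and an `updating` flag that the operator sets while containers are being updated; the file contents, paths and the rogue binary are constructed for the demo.

```python
"""Added example (not picosnitch's own code): cache executable hashes so a
program is re-read only when the file itself changes, keep a baseline of
known hashes per path, and treat a new hash as expected only while an
update window is open.  Paths, file contents and the update flag are
constructed for the demo; a real deployment would feed in whatever the
monitor records."""
import hashlib
import os
import tempfile
from dataclasses import dataclass, field


@dataclass
class HashCache:
    # path -> ((inode, size, mtime_ns), sha256 hex).  The identity tuple lets
    # repeated connections skip re-hashing; a replaced or rewritten file
    # changes it and forces a fresh read.
    entries: dict = field(default_factory=dict)

    def digest(self, path):
        """Return (sha256_hex, cache_hit)."""
        st = os.stat(path)
        identity = (st.st_ino, st.st_size, st.st_mtime_ns)
        cached = self.entries.get(path)
        if cached is not None and cached[0] == identity:
            return cached[1], True
        h = hashlib.sha256()
        with open(path, "rb") as f:  # the first read of a large binary is the unavoidable delay
            for chunk in iter(lambda: f.read(1 << 16), b""):
                h.update(chunk)
        self.entries[path] = (identity, h.hexdigest())
        return h.hexdigest(), False


def classify(baseline, observed, updating):
    """baseline: {path: set of known sha256}; observed: {path: sha256 seen now}.
    Returns {path: 'known' | 'new-during-update' | 'ALERT'}.  During an update
    window new hashes are learned into the baseline; outside it a new hash or
    an unknown path is the signal to stop the container and alert."""
    verdicts = {}
    for path, digest in observed.items():
        known = baseline.get(path, set())
        if digest in known:
            verdicts[path] = "known"
        elif updating:
            baseline.setdefault(path, set()).add(digest)
            verdicts[path] = "new-during-update"
        else:
            verdicts[path] = "ALERT"
    return verdicts


def demo():
    """Constructed scenario: one known app, an update that rewrites it, and a
    rogue executable that appears while no update is running."""
    work = tempfile.mkdtemp()
    app = os.path.join(work, "app")
    rogue = os.path.join(work, "rogue")
    with open(app, "wb") as f:
        f.write(b"constructed app build 1")
    cache = HashCache()
    h1, hit_first = cache.digest(app)
    h2, hit_second = cache.digest(app)  # same file: served from the cache
    baseline = {app: {h1}}
    steady = classify(baseline, {app: h2}, updating=False)[app]

    with open(app, "wb") as f:  # a container update rewrites the binary
        f.write(b"constructed app build 2, different size")
    h3, hit_after_change = cache.digest(app)
    unexpected = classify(baseline, {app: h3}, updating=False)[app]
    learned = classify(baseline, {app: h3}, updating=True)[app]
    after_update = classify(baseline, {app: h3}, updating=False)[app]

    with open(rogue, "wb") as f:  # never seen before, no update in progress
        f.write(b"constructed rogue binary")
    h4, _ = cache.digest(rogue)
    rogue_verdict = classify(baseline, {rogue: h4}, updating=False)[rogue]
    return {
        "hit_first": hit_first, "hit_second": hit_second,
        "hit_after_change": hit_after_change, "hash_changed": h1 != h3,
        "steady": steady, "unexpected": unexpected, "learned": learned,
        "after_update": after_update, "rogue": rogue_verdict,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The cache key deliberately includes inode, size and mtime rather than the path alone, since an attacker who overwrites a binary in place changes at least the mtime and usually the size; a tool that caches on path alone would keep reporting the old hash. Learning new hashes only while `updating` is set is what keeps the check quiet during container updates while still catching a hash that changes at any other time.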



