FAQ

Yes, completely free. No subscription, no in-app purchases, no ads, no "premium" tier. Sentinel will always be free. It is open source and built for people who take their privacy seriously — not as a product to monetize.

Sentinel requires macOS 14.0 Sonoma or later. It is built with SwiftUI and uses APIs introduced in Sonoma. Both Apple Silicon (M1/M2/M3/M4) and Intel Macs are supported.

No. Sentinel collects nothing. There are no servers, no analytics, no telemetry, no crash reports. Everything the app records stays in a local database on your Mac and never leaves your device. See the Privacy Policy for the full breakdown.

No. Sentinel is designed to be extremely lightweight. It uses passive event-driven hooks into CoreMediaIO and CoreAudio rather than CPU polling, so it consumes negligible battery. The menu bar icon uses essentially zero resources when nothing is happening.

Yes. The full source code is available on GitHub under the MIT license. You can read every line, verify what it does, and build it yourself from source. If you find a bug or want to contribute, pull requests are welcome.

Never. Sentinel only detects when another app activates your camera or microphone — it does not capture, record, or process any audio or video. It is a sensor watchdog, not a recording tool.

Sentinel hooks into CoreMediaIO, the low-level Apple framework that manages all camera and capture hardware on macOS. When any app activates the camera, CoreMediaIO fires a property change notification. Sentinel intercepts that notification in under 500ms and identifies the responsible process by PID and bundle ID.

Yes. When an alert appears, tap "Allow & Whitelist" and that app is never flagged again. You can also manage your whitelist directly from the Camera or Microphone tabs in the main window. Whitelisted apps are silently allowed — no notification, no alert.

"Block Always" adds the offending app to your blocklist. The next time that app activates your camera or microphone, Sentinel kills its process instantly — before any recording can begin. No alert is shown, no confirmation required. You manage blocked apps from the Camera and Microphone tabs. Blocklisted apps and whitelisted apps are mutually exclusive: adding one removes the other.

If an app has never accessed your camera or microphone before, Sentinel flags it with a "First Time" warning in both the alert banner and the event log. This helps you notice when brand-new apps quietly attempt sensor access — which is a common indicator of spyware or misbehaving software.

Yes. Sentinel is a menu bar app. Closing the main window does not stop monitoring — all sensors remain active and alerts still appear. The menu bar icon is always live. You can reopen the main window at any time by clicking the icon and selecting "Open Sentinel".

Open Sentinel → go to Settings → toggle App Lock on. From that point, every time the main window opens it will require Touch ID or your Mac login password before showing your threat data. Background monitoring is unaffected — the lock only applies to the UI.

You can add Sentinel to your Login Items via System Settings → General → Login Items. Sentinel does not add itself automatically — you remain in control of when it runs.

Sentinel shows all active connections (process name, local port, remote IP) without BPF. When available, it also resolves remote IPs to domain names via reverse DNS using the system's standard getnameinfo() — no special permissions required. BPF-level packet capture is not needed for the connection monitoring Sentinel performs.