Depending on whom you ask, Apple’s latest OS X update, 10.10.1, may be the most anxiously-awaited ever.
OS X 10.10 Yosemite didn’t introduce big technological changes.
Despite working much the same as earlier versions of OS X, its visual tweaks were probably the biggest differences.
Out went the 3D shadow-edged visual flavour of the Steve Jobs era.
In came Sir Jony Ive’s preferred “flat canvas” look introduced in iOS 7.
So, if the visual shock-and-awe came in the original release of Yosemite, why were at least some people, this writer included, waiting on the edges of their seats for the first point update?
The main reason was the unexplained, and perhaps unexplainable, problems that many users had with Wi-Fi.
The network would stay up, and would even send and receive traffic such as pings, but UDP and TCP packets would suddenly vanish without trace.
That was almost worse that being cut off completely: your applications saw the network as “up”, and therefore couldn’t tell that it was dead and probably not going to recover without the intervention of a human (or a shell script).
Ironically, at least for me, taking the interface down and back up almost always recovered the situation, but at considerable cost to the general reliability of the average cloud application.
In the end, I fell back on using an Android 3G access point connected via USB tethering instead of by Wi-Fi, which was significantly more reliable, if modestly less convenient.
Others had equally frustrating and mystifying problems, with Naked Security’s report about Yosemite’s Wi-Fi woes turning into one of our most commented articles.
Indeed, no sooner had Apple’s OS X 10.10.1 update notification dropped into my own email box than someone asked on Naked Security:
So Paul, has Yosemite 10.10.1 fixed the Wi-Fi problems?
Oh, boy, I hoped so!
Apple certainly implied things would be getting better:
It was half an hour or so until the App Store actually offered me the update, and another half and hour or so until my request to carry out the update (which is 311MB, by the way) was accepted.
Then it was about five minutes of downloading; seven minutes of pre-reboot update process; seven minutes of post-reboot update processing; and there I was:
So, has Yosemite 10.10.1 fixed the wifi problems?
I’ll come back to that.
OS X 10.10.1 security fixes
There are pure-play security fixes in OS X 10.10.1 as well as the claimed Wi-Fi betterment, and they’re quite interesting.
At least one can be considered critical: a remote code execution (RCE) vulnerability in Apple’s core browser technology, WebKit.
RCEs in browsers almost always mean “click-to-own”, where a maliciously-crafted web page can escape from your browser and infect your computer even if all you do is look at that page.
No need to click any “Yes, I want to download this suspicious-looking file” or to agree to “Open a program from an unheard-of-developer.”
Another vulnerability, one that didn’t put your Mac at risk of being hacked, so can’t be considered critical, nevertheless raises a raft of privacy-related questions.
Spotlight, Apple’s search-and-indexing engine that helps you find things on your Mac, now includes a Spotlight Suggestions option that will call home to Apple’s servers, including your location if you have Location Services turned on.
Apparently, even with Location Services off, the first call home by Spotlight or Safari included your location anyway.
Bad luck if you were at home and had expressly configured your Mac not to tell Apple where you lived.
According to Apple:
This issue was addressed by removing [location] information from the initial connection and only sending the user's approximate location as part of queries.
It would be nice to hear that Apple also planned deliberately to discard any location information collected incorrectly, but if that’s what the company intends to do, it isn’t saying..
What do you think?
Imagine that a company has collected even tiny shreds of personal data, like location, due to a bug.
Should the company be obliged to erase that data, even from users who would otherwise have consented, and say that it has done so, on the grounds that consenting users will soon re-supply the information anyway?
Or is it good enough just to fix the bug and stop collecting that information in future?
(Let us know what you think in the comments.)
By the way, our recommended settings for Spotlight and Location sharing are to turn off Spotlight Suggestions (and not to index your online searches, either) in System Preferences|Spotlight|Search Results, and to disable Location Services in System Preferences|Security & Privacy|Privacy:
Two other privacy-leakage bugs were fixed: cookies and cached data left behind incorrectly after switching Private Browsing off; and information leaked by mistake when you used About This Mac.
I’d say that OS X 10.10.1 is worth it for those fixes alone, even if it is already too late to stop Spotlight’s “first time” data leakage.
Are we there yet?
But the biggie, as we said at the start, is, “Has Yosemite 10.10.1 fixed the Wi-Fi problems?”
Well, Apple isn’t giving any scientific or engineering detail, and (if the truth be told), it isn’t actually claiming to have fixed anything.
It’s saying no more than that 10.10.1 “improves Wi-Fi reliability.”
I haven’t had the update very long, of course, so I can’t give you any scientific or engineering detail, either.
My only comment so far is, “It’s no worse.”
That’s all I’m saying.