Important New Features Make OS X El Capitan Not Just a Tune-up

OS X Yosemite has been a bit of a problem for some users, especially with networking, and so the WWDC announcement of El Capitan was broadly greeted with enthusiasm. Apple's stated focus in the keynote was on the experience and performance, but, in time, we've learned that important changes under the hood will also contribute to security and better networking. Here's a look at how El Capitan is going to affect you for the better.

OS X El Capitan. Image credit: Apple

This column typically selects a single notable article, from all the week's news, to showcase, explore and comment on. However, this week, it became clear that several important new features of OS X El Capitan are coming to light and being assessed. It's all coming together into a great story.

1. First, we have Glenn Fleishman's excellent article on System Integrity Protection. at Macworld.

The way this works is that some of the authority of an admin user is being removed when it comes to modifying system files and processes. Even if malware were able to escalate itself to administrator privileges, it could no longer affect important system files. In turn, El Capitan becomes more secure. Mr. Fleishman's article provides the important details.

2. Next is System Wide two-factor authentication (2FA) in El Capitan (and OS 9) by Rene Ritchie at iMore. You'll specify trusted devices in your possession that are currently logged on to iCloud (or iTunes).

This 2FA will only be required under certain circumstances. As Mr. Ritchie explains it:

Most of the time you'll have an iPhone, iPad, Mac, or non-Apple phone you've signed into or registered with your account and you'll be able to get your verification code if and when you need it.

Also, since you only need it to add new devices (you buy a new iPad, for example), you log in from a new web browser (while on vacation and at an internet cafe, for example), if you wipe a device and need to set it back up from scratch, or if you want to change your password, you shouldn't need a verification number very often.

3. The third item is rather geeky, but kudos to Apple in its continuing transition to IPv6. While OS X has been IPv6 capable for about a decade, Apple has recently been using what's called "Happy Eyeballs," a protocol for choosing between the use of IPv4 and IPv6 connections. The net result was that IPv6 wasn't as highly favored as it should be. El Capitan's implementation of Happy Eyeballs will give much more preference to IPv6, which is appropriate now that the Internet is just about out of IPv4 addresses. For the fabulous details, see: "Revisiting Apple and IPv6" by Geoff Huston.

4. Finally, not new in El Captain is the return to mDNSResponder networking. OS X As we know now, 10.10.0 introduced the discoveryd daemon for networking, but it turned out to be not fully baked, and in 10.10.4 Apple returned to mDNSResponder. That's expected to be carried forward into El Capitan.

All the other more notable new features of OS X El Capitan have been presented by Apple in the WWDC keynote, its website, and in other articles. I won't go into those here. What I want to emphasize is that El Capitan, rather than rolling out a collection glitzy (sometimes buggy) user features is, instead, focusing on some very important networking and security issues under the hood that, while not obvious, will make using El Capitan faster, safer and more reliable.

This is what the users have clamored for, and this is what Apple intends to deliver. 

Next page: the tech news debris for the week of July 13. Killer robots and dangerous, incompetent computers.

Page 2 - The Tech News Debris for the Week of July 13


Science fiction literature, in its exploration of how human beings deal with new technology, takes up the case of how vastly intelligent computers and robots might lead to the extinction of homo sapiens. However, at the New York Times Quentin Hardy suggests the opposite. In "The Real Threat Posed by Powerful Computers," the author suggests that the problem might be computers that aren't smart enough. Or incompetent.

Recent examples include the recent same day shutdown of the New York Stock Exchange and United Airlines. Another minor but notable example is how iOS 8.4 is smart enough to monitor and report (after the fact) that an app went wild and completely discharged the iPhone's battery in a few hours but isn't smart enough to shut down a misbehaving app before that happens.

I always have the feeling that millions of lines of code that serve the public are just sitting there executing without introspection or intelligent agents that can look for trouble. In some cases, I think we have that, but economic pressures, I am told, preclude it in many other cases that affect public safety and commerce.

Related to all that is an interview I did recently about writing a different kind of more secure code. "Interview: How to Write Secure Software, Guaranteed." Code that operates only as intended, even as it gets upgraded, will be both more secure and reliable.

Back to the NYT article. As Mr. Hardy puts it:

But the real worry, specialists in the field say, is a computer program rapidly overdoing a single task, with no context. A machine that makes paper clips proceeds unfettered, one example goes, and becomes so proficient that overnight we are drowning in paper clips.

In other words, something really dumb happens, at a global scale.

Also related to huge code bases is the catastrophic failure of large networks. As the next article points out, "When things work in new ways, they break in new ways." That quote is found in Jennifer Ouellette's "The New Laws of Explosive Networks." Research is being done on how a special kind of intervention can prevent networks that are close to a dangerous phase transition from failing. Think of it as software Prozac. This is a good article.

Perhaps there's nothing to worry about until large scale computer systems and networks get a lot smarter.

Finally, while we're on this theme, I found the next article, thanks to physicist and science fiction author David Brin (@DavidBrin) "Do we need new laws for rise of the robots?" by Peter Kelley. Here, Mr. Kelley explores the work of Ryan Calo, assistant professor in the School of Law at University of Washington. (But see my note below*.)

Though mention of robotics and artificial intelligence can prompt images of unstoppable Terminators and mutinous HAL 9000 computers, Calo dismisses such drama early on. “And yet,” he [Calo] says, “the widespread distribution of robotics in society will, like the internet, create deep social, cultural, economic, and of course legal tensions” long before any such sci-fi-style future. “Robotics combines, for the first time, the promiscuity of data with the capacity to do physical harm."

I bring all this up because Apple (and Google and Microsoft) are no longer boutique software companies building Macs, PCs and spreadsheets. These companies are poised to build devices that seek to protect us either from Internet villains or from crashing in autonomously driven cars. And there's no end to that future with these companies imagining things we (and they) haven't even yet dreamed about.

How well these companies construct those future endeavors, woven into our lives, remains a massive exercise in software design, security, reliability and networking integrity while under simultaneous, villainous assault. And deficiencies of the law.

Someday, we'll look back fondly at the simplicity of OS X El Capitan.

* To my knowledge, none of the world's lawmakers have cast Isaac Asimov's Three Laws of Robotics into law. Why is that?  Is it because they think the laws are too simple for a 100 page law? Don't understand the logic? Are the ravings of a cult SciFi author from the past? (Who was a professor and had a Ph.D. in chemistry, by the way.) Let's discuss in the comments.


Particle Debris is a generally a mix of John Martellaro's observations and opinions about a standout event or article of the week (preamble on page one) followed by a discussion of articles that didn't make the TMO headlines, the technical news debris. The column is published most every Friday except for holidays.