Apple boasts of over 200 new features in Mountain Lion, the latest version of its operating system for Macs. Matthew JC Powell highlights the important ones.
There are some features in Mountain Lion that will make a big difference for every Mac user, but for the most part, it’s about security.
There’s been a fundamental shift in Apple’s mindset about security in recent times. Mac OS X was always a fairly secure beast, but Apple didn’t make too much noise about it. The attitude was basically ‘it’s not Windows, so you don’t have to worry about all those Windows nasties’. A few actual malware attacks on the OS X fortress in recent years have changed that. For the first time security is front and centre of Apple’s communication on Mountain Lion – not only in what are explicitly ‘security’ features, but throughout the OS.
For a start, there’s Gatekeeper. A logical extension of the App Store, Gatekeeper is a setting in the ‘Security & Privacy’ pane of ‘System Preferences’ that allows you to stop your Mac from installing software other than that which comes from trusted sources. In its strictest mode, Gatekeeper will only install software from Apple’s own App Store. Anything else you download or try to install from disc will be blocked.
The obvious advantage is that Apple has vetted every bit of software to make sure it isn’t concealing malicious intent. To gauge whether this is an effective approach, compare the number of malware attacks on Android smartphones to the number of attacks on non-jailbroken iPhones.
The default setting for Gatekeeper is to allow software from the App Store and from ‘identified developers’; that is, those who have a key from Apple that they can use to tag their software so the system knows to trust it when it arrives. Expect major developers like Microsoft and Adobe to have such keys, rather than going through the App Store where they’d have to hand Apple a chunk of their revenue.
Of course, you can tell Gatekeeper to get out of the way and allow you to install software from ‘Anywhere’. If you select this, you get a warning that doing so makes your Mac less secure. And it does – all the recent malware attacks on OS X involved users installing untrustworthy software.
Then there’s sandboxing, in which certain apps operate in their own little bit of protected memory and can’t do anything to the rest of the system. Safari has been sandboxed for a couple of OS X versions now, but in Mountain Lion, other potential vectors for attack such as Mail, FaceTime (videoconferencing), Reminders and Notes are all similarly sandboxed.
And for the technically minded among you, there’s Address Space Layout Randomization (ASLR). What that means is when apps run, they don’t always run in the same bit of RAM. This makes it harder for attackers to know which bits of your computer to attack. ASLR has been in OS X since version 10.5 (Leopard), but Mountain Lion extends it all the way down to kernel level, so the whole OS operates this way.
Also at the kernel level, the system is able to recognise the difference between executable code and data, so that if someone tries to sneak a nasty bit of software into your system pretending to be harmless data like a celebrity sex video (hey, I’m not judging you), the system won’t allow it to run.
Why does this matter? The number of malicious attacks on the Mac is still laughably small compared to the number of attacks on Windows and there still hasn’t been a successful self-perpetuating virus to attack OS X. But the difference between zero attacks and not-zero attacks is significant, and you can bet the number will grow as the Mac’s popularity increases. Apple obviously wants to get out in front of this and –for the first time –to be seen to be getting out in front of it. Pretending security is something Windows users have to worry about is no longer going to work.
iCloud: it’s everywhere
iCloud is Apple’s current name for its suite of online services. It’s a direct descendant of iTools, which dates back to 1998. That was replaced by .Mac in 2002 and MobileMe in 2008. But it’s more than simply renaming.
More than just email and calendars now, Apple's online services are integral to the new operating system.
The difference, of course, is iOS. Where iCloud’s antecedents were basically non-essential add-ons to your Mac-using life, iCloud’s raison d’être is keeping everything synchronised between the multiple devices that just about everyone has these days. Your Contacts, Calendars, Mail, even your bookmarks and the tabs you’re reading in Safari can all be synchronised between your various devices without you having to do anything.
The major change to iCloud for Mountain Lion is Documents in the Cloud, whereby documents you create in iCloud-enabled applications are saved automatically in iCloud and updated on every device on which you run that application. First is obviously Apple’s own productivity applications such as Pages, although the API is available to third-party developers. Anyone who wants to create OS X and iOS versions of their applications and keep documents automatically updated between them, can do so.
You’ll be able to save files just as you always have, into folders on your hard drive, even in iCloud-enabled applications. However, from now on you’ll have to make the explicit decision to do so. Documents saved in that way naturally won’t retain all the various advantages that iCloud offers.
iCloud isn’t exclusive to Mac users, either. Apple provides an iCloud control panel for Windows, so Microsofties with iPhones and iPads can keep their mail, contacts and calendars synchronised between their mobile devices and Windows. At this stage it’s not clear how much support, if any, will be available for documents and data in iCloud for Windows users –most likely that aspect of iCloud will remain Mac-only.
Why does this matter? iCloud is essentially becoming a file system separate from the Mac’s native file system. Where previously you saved a document or an image or whatever into a folder on the hard drive where any application capable of opening it could do so, saving things into iCloud means only the application used to create a document can open it. Anything else –including any malicious software out to wreak havoc on your Mac –can’t even see it, much less edit it.
That’s right, it’s a security feature. Didn’t I say Mountain Lion was all about security?
Of course, you can get around this using the ‘Open with’ command, much as you find on iOS devices. But doing so means you’re explicitly telling the system it’s OK for another application to open the file. It can’t be done without your permission.
Other cool stuff
No more calendar alerts that won’t go away until you click on them. In Mountain Lion, you get a small visual alert box that disappears after a few seconds, but then at any time you can swipe with two fingers from the side of your trackpad and the desktop will slide sideways to reveal the Notification Center. Here, calendar alerts, new email, Twitter mentions –any app that you allow to give you notifications – can be listed waiting for your action. In a few months support will be added for Facebook as well, so you’ll be able to keep up with conversations there on your Mac just as you do on your iPhone.
Unlike its iOS equivalent, the OS X Notification Center doesn’t have live updates like a stock ticker –that’s still in the somewhat neglected Dashboard, at least for now.
It’s not quite Siri yet – then again, Siri isn’t quite Siri yet – but Mountain Lion includes system-wide speech recognition. Wherever you can type, you can choose instead to dictate what you want to say. It’s actually fairly reliable for a speech recognition system. For instance, I dictated this entire paragraph using it (with just minor corrections).
Social networks are ubiquitous in the real world and no less so in Mountain Lion. As well as being able to Tweet straight from the Notification Center, you’ll be able to post to Twitter, Flickr, Vimeo and (in a few months) Facebook directly from many apps such as Safari, Photo Booth, Notes, iPhoto and others. This is also a feature that Apple has made available via an API to third-party developers, so expect to be able to post to your chosen sharing site from just about any relevant app before too long.
OK, China isn’t actually a feature of Mountain Lion. It’s a country. A big one, with lots and lots of people. And the thing with those lots and lots of people is that they largely aren’t using the English language and its many and varied typefaces, nor are they interested in a lot of the same social networking sites that English-speaking users spend their time with. Mountain Lion includes eight fonts for Chinese writers, plus improved support for handwriting recognition for Chinese character input. Support for Chinese online services such as QQ, Sina Weibo and Baidu is embedded just as deeply as Twitter and others are for the English-speaking world.
Still needs work
In case you’re thinking that perhaps Apple has achieved some kind of OS nirvana with Mountain Lion –that it’s an unsurpassable perfection of user experience, form and functionality – allow me to disabuse you of that silly notion.
For a start, the faux-leather effect on iCal and the Address Book that first appeared with Lion remains in the Mountainous version, despite the applications’ new names and some other interface refinements. The new Notes application brings its own ‘fake real’ effect with a torn paper flourish at the top of every single note. It’s not attractive and it’s not productive.
My major bugbear with Mountain Lion is the same one that’s bothered me with every version of Mac OS X to date and that’s the fairly arbitrary placement of various preferences. For instance, if you want to decide what types of volumes (hard drives, optical disks, servers) appear on the desktop, you might think that this would be in the ‘Desktop’ pane of ‘System Preferences’ –but no. Because Apple treats the Finder as an application somehow separate from the OS, despite the fact that the system can’t operate without it, you find that setting under the Finder’s own ‘Preferences’ menu.
Meanwhile, if you want to set something other than Safari as your default web browser –a system-wide setting, one would imagine –you’ll find that setting in Safari’s preferences. That’s right: you need to run Safari in order to tell your Mac you don’t want to run Safari.
And if you need to add a new email account, you can do that where you always have, under ‘Preferences’ in Mail. But you can also do it under the ‘Mail, Contacts & Calendars’ pane in ‘System Preferences’, new to Mountain Lion. Having more than one way to do things is fine, but more than one place to change the same settings is just a recipe for conflicts. Indeed, in upgrading to Mountain Lion I encountered a problem with one of my accounts because the settings in one place didn’t match the settings in the other place.
Speaking of default applications, it’s nice to be able to post to Twitter from just about any application, and being able to write a tweet straight from the Notification Center without even opening an app is nice, too. But if you’re notified about a tweet that mentions you and you click on it to reply, it opens Safari (or your default web browser) and logs in to Twitter to do so. If there’s a way to tell it to open your preferred Twitter client instead, I’ve been unable to find it.
Finally, there’s multiple-display setups. Once a rarity and the exclusive domain of power users, they’re increasingly common in these days when most people are buying portable computers and hooking up to a bigger display at home and/or in the office. Key features such as full-screen apps and Spaces (which allow you to maintain several virtual desktops for different applications) simply don’t cope with them. Spaces in particular becomes confused to the point of being virtually useless once you invoke a full-screen app.
At least Mountain Lion allows an app to go full-screen in whatever display its main active window is using –an improvement over Lion, which would only use the primary display, even if that was the 11in MacBook Air sitting next to your 30in Cinema Display. But more needs to be done. We power users want to use our screen real estate.