Like its National Park namesake, Apple's newest operating system can be imposing, perhaps even a little daunting to newcomers. And although you won't find any bears in the digital version of Yosemite, that doesn't mean it's danger free. After all, online security is rarely a walk in the park--and these three features of Yosemite could potentially impact your security.
Spotlight knows where you are
Spotlight became a lot more useful in Yosemite, but it also became more talkative. That's because in order to return information about local services such as restaurants and other retail establishments it needs to know your location. That sounds logical, but it raised concerns from privacy advocates--and privacy-minded users--about just what information was being transmitted and what else it might be used for.
For its part, Apple says it's taken privacy concerns into consideration with Spotlight's new features, and even spells out its policy within the Security and Privacy pane in System Preferences:
In a response to The Verge, the company got even more specific, saying it uses a temporary identifier that resets every 15 minutes and that only a user's approximate, "blurred" location is transmitted. Additionally, the information is transmitted over a secure HTTPS connection.
If you're still not comfortable with that kind of information being transmitted, you can opt out of location-based search results by launching System Preferences, selecting Security & Privacy, clicking the Privacy tab, clicking the Details button next to System Services, and disabling Spotlight Suggestions in the resulting sheet.
Continuity: Sharing your data with yourself
Yosemite's much-touted Continuity features allow you to use your Mac and iOS device in a more tightly integrated way. You can start composing an email message or Pages document on one device and continue working on it on another device. You can do much the same with iMessages, SMS texts, and even phone calls. You can even connect your Mac to your nearby iOS device and send files via an improved implementation of AirDrop--all without ever entering a password.
How secure can that be? The trick to keeping it secure is in Apple's implementation. It uses a secure form of Bluetooth LE (for Low Energy) 4.0 for the connection, and will only connect devices that use the same Apple ID, signed into iCloud. Only then will the Handoff features be enabled.
Given the systems limitations imposed and the fact that adding a Bluetooth LE dongle to your older Mac won't enable Continuity, it's likely there are other checks in place as well. But in typical fashion, Apple's not saying.
Still feeling cynical? You can opt out of this feature as well, even if you want to stay logged into iCloud on all your devices. Just go to the General pane in System Preferences and make sure the box next to Allow Handoff between this Mac and your iOS devices is unchecked.
Sign up for Computerworld eNewsletters.