Apple Maverick struck by security paranoia and high cpu usage (blog outdated)

This blog is outdated. In Septer 2015 an older MacBook Air (2009) was upgraded from Mountain Lion to Yosemite, and this was a nice experience. No errors found, and it seems like Apple is back on track. The MacBook is vital and alive, and I even suspect the use of the fan is more intelligent than with Mountain Lion. It IS more silent, it seems.

Therefore, the following is for the history books only, it is no longer valid:

This is an essay about too high cpu usage and overblown security mechanisms in the new version of Apple OS X called Maverick. And despite this security paranoia, watch out for the “change password” in Nådeløs jr.system preference, containing a severe error.

If in a hurry, then just read the red text as it explain a few quick fixes that could prolong battery life.

I put on my soon fameous investigation glasses, and so:

This weekend I was persuaded by the very promising marketing text sent me by Apple regarding the new version of the operating system OS X that has the brave title Maverick. I installed it, not completely without the effect of having the heart in the throat as we say here in Norway due to an innate skepticism to anything that could be put in the category called “new”.

Regrettably, my conclusion after a few days of usage is that this new version Maverick is not necessarily a step forward for humanity. 

Unfortunately, there is no ctrl Z feature here. I cannot revert to the previous version. I am stuck with the new.

Therefore, enjoy this essay on maverick, hereinafter and until further notice intentionally written with a small m, because the essay, in addition to offer helpful hints to those needing it, is also a deliberate attempt to insult the engineers and their leaders at Apple. This is a revenge for those guys installing things on my computer by surprise that does a lot of things I don’t like and have not asked for.

While their sole purpose should be to create a more effective working environment for me, the opposite has happened. Maverick is a time thief. Here are two important examples as to why I choose to offer such a flavoured commentary.

Reason 1: CPU usage and battery consumption has increased

The main reason for upgrading should be the new and very intelligent features for literally stopping any active process not doing anything active, and put it in what is called “App Nap”. This is supposed to be a sort of quarantine that prevents unnecessary battery consumption stemming from ditto CPU activity. I was intrigued by this announcement and it is probably working very well as well. I am sure that this feature alone will save battery consumption corresponding to e.g. at least 2% cpu usage, which is significant and important.

If it was not for all those other new processes showing dramatic increase in cpu consumption!

There are several examples on rapidly swelling cpu consumption, everything from “windowserver” that is a new dominant, to “kernel_task” that keeps on with at least 2.5% cpu regardless of whether anything else is going on in the NOW moment, or not.

Not to mention the audio system with its process “coreaudiod”, which immediately escalates itself to approximately +10 % cpu usage, staying at that level constantly as soon as any audio application is running, be it Apple’s own Garageband or whatever app.

As the matter is studied with the activity monitor now always splashed out on the screen so as to detect any new battery thieves, here in 2014, we find after a little investigation, ahem, here in 2014, that the cause of this total lack of respect for a humble laptop battery is due to the checking of a feature on the microphone input called “Use ambient noise reduction”. It means some well-meaning engineer being responsible for the microphone system has erroneously concluded that there is at the moment more than one person on the globe that are willing to offer – constantly – 10% of the machine resources in exchange for better input sound in case they should ever need it. Uncheck this feature that you rarely use, and the cpu consumption of this “coreaudiod” will drop to as low as 2.5%.

2.5% is still an extremely high penalty for just starting an audio application, and I look forward to spy, investigate, find and then kill that last cause as well.  

And being a software engineer myself, I can clearly state that 10% is a large penalty for doing echo cancellation. And the severity of capturing any system resources when a utility is not used, well, this is not good software from a fundamentally basic point of view. And it has the side effect of me starting rapidly to lose trust in Apple quality consolidation.

In other words…

While one team inside Apple seemingly and probably has done a great job and has created new “App nap” ways of providing extended battery life, it was never the less completely in vain. Why? Because all hell is loose in the rest of the organization and there is now literally a free flooding of new and cpu-rich software features in maverick that exploit this increased battery life in such a way that I immediately notice the downfall as compared to the previous version of OS X. That sentence was intentionally long meant as an illustration on this new and complicated situation with increased cpu usage and shorted battery life as compared to previous versions.

It is time to quote Steve Jobs as he explained why flash had to be thrown out of the OS X environment, as he said: “Fourth, there’s battery life.” Read his Thoughts on flash. I agree, but for another reason of which I may speak.

The difficult challenge and mandatory requirement specification of achieving prolonged battery life has been and should still be highest on the agenda in companies like Apple, but it is essential to operate as one unit, not as a fractional organization doing this and that.

From my years as project manager for large software and hardware projects, among them the FreePad, a forerunner for iPad, I would like to officially suspect that Apple at the moment is subject to a lack of technical management. Management is of course not only responsible, but even accountable for this most important of all functions in the organization: Proper quality control – qualification of products to behave according to product specifications.

Reason 2: The OS X maverick has been struck by the security paranoia

Just as has been the case with Windows for several years, there is in the new maverick alarming signs of new features resembling what we could only entitle “security paranoia”. Just as a sidenote to all Apple users not competent on Windows, there is in Windows e.g. a process that is called “Windows defender” that do not ask anyone to exploit the cpu at levels up to 50% whenever it wants and whatever you do, in particular if you choose to defend yourself “live”. You are thus protected against viruses and infections by a process that in itself has become a virus. Funny!

Yes, Apple customer, you may laugh now with me, but you just wait for another release or two, and this will be part of an OS X in your neighborhood, and here is one example:

I have myself made an app that streams mp3 radio streams from the internet; iRadio.app is the brave name and it is a good app. As a new security feature in maverick without the capital M, I am now asked each time I start this app the following question: “Do you want to allow the app “iRadio.app” to accept incoming network connections”, followed by “deny” or “allow”, but unfortunately without the mandatory “never ever ask me this question again” option.

However, without going into any detail, the lead text also explains that this brand new feature for the betterment of humanity, and having the side effect of calming down those inside the Apple organization struck by the awful “security paranoia”, may be turned off in the firewall pane of the system preferences settings.

I go there, and I find the firewall pane deep down in the security settings, and there I find that my app has already been cleared, the system has actually put a green light on “allow incoming connections”, on my very app! All for the good, if it was not for the fact that this apparent persistency regarding my preferences is completely forgotten the next time I start the app. To call a spade a spade, this is just a silly bug, but [update 7th of February 2014] I got so tired of reconfirming this allowance that I have chosen today to turn of the Firewall completely, since it was the only remedy found. This is not a joke, but I am sure this result was not what Apple is aiming at. 

If you are a burglar and a thief, there is now a grand opportunity to enter my MacBook and stir things up!

Reason 3: Watch out! The reset password is not working

I felt for resetting the password of the root admin account that I normally use, and I so did. I confirmed the new password, same as I have on my Toshiba Windows, and everything confirmed ok.

I then wanted to change the password for another reserve user as well. I then had to authenticate myself with the root account password. 


Neither did the old password. So there is a severe bug in this feature causing all the alarm bells I have to ring. The new Maverick actually tried to lock me out of the computer. I must say that I am now up on my toes, filled with a feeling of hesitance regarding these security related bugs.

The remedy? 

In my case, I logged out and logged in with that reserve account for which I (luckily) could not change password. It is an admin user and from this user I was able to change the password on the root account. I restarted the machine and confirmed the root admin had grasped its new password. Everything OK, but what would I have done without that reserve admin account? Reinstall Maverick? 

Oh, well, half an hour later … the machine is reset, and then iCloudHelper (that I have not asked for) and CalendarAgent (same, not asked for) and identityservicesd and MessageAgent (something to do with something called Facetime, but what is that?) are all asking for permission to be part of a keychain. And thus, I am asked for a keychaine password, but I have never defined such a password, so this just put me check mate.

After a little to and from on these issues that seemed to be in there for the long haul, I had to reset the keychain to default values, and maybe this was also the error of the password malfunction? 

Those who live will see.

Reason 4: The hours you need to spend to fix the “keychain” issues 

New security paranoia events are taking place on the Maverick as this essay is written. I had to spend several hours to compensate for the Apple negligence with respect to fix elementary errors in the “local items” keychain. 

For some reason, this keychain has a password that I have never given (havent seen that chain before). Unluckily, this is all it takes for a not-that-impressing-piece-of-security-software to give up. The situation creates a mandatory need to delete the whole keychain and rebuild it via a restart. The recurring and deeply annoying messages about this keychain is then hopefully gone. Follow the below link to a tutorial and you should be good, but why is this not part of the Maverick install? If there is password trouble, then it is suggested that OS X discovers this and suggest to replace with a new one. This is however not an option. Silly!

The article to fix this: http://support.apple.com/kb/TS5362


This keychain idiot keeps asking for password each time mail or other applications using “login” is started. The question to Apple is why there is no “disable passwords for keychain” or “keep me logged in to keychain login” features ? Because I repeat I do not want and I have never asked for password on keychains. I barely know what it is. Let me free!

Here is the helpful tutorial from Apple:

“OS X: Keychain Access asks for keychain “login” after changing login password

If you change your account’s password using your Mac OS X Install disc (or if your network-based account password is changed due to a network admin forcing a password change), your default keychain password (which uses the same initial password as your user account) does not change. Because of this, you will be prompted to enter a keychain password each time an application requires authentication that your keychain would normally provide.

Note: This doesn’t happen if you change your account password using Accounts preferences.

If you want your default keychain to be unlocked automatically when you log in, synchronize your Keychain Access and account login passwords by doing this:”

Then follows a prescription that DOES NOT WORK!

At the moment I am stuck with entering keychain password every time a start an app. Can’t believe this is happening. It is 2014.

As a final consequence, the mail app cannot access the password needed to access the mail account at the server. I am unable to read email. 

The ending note as a deep sigh

Hopefully somebody at Apple are reading bug reports, but Maverick sure has a lot of them.

I am sure there is a strong wind in Apple trying their absolute best to prolong my battery-life. I am not in doubt about that. It is only that there are other and stronger winds inside the same bureaucracy; for example the wind of “security at all cost” and the wind of “this is a nice to have new feature sold at a very low-cost of 2% cpu usage only so let’s go for it”.

And such is the nature of sound, that you can only hear and experience the strongest wind. The other winds are still there, but you cannot hear them.

With my Janson Borne ability to jump right into the abyss of computer and mechanical errors of all kinds, an ability that is probably either innate or karmic but nevertheless brutal for me and subsequently directly thereafter for the entities exposed to my sarcasm like in this article, I shall surely be deemed to be exposed to even further pitfalls in this new Maverick. I shall then report them here.

The recommendation

Anyway, the recommendation to Apple is to accept regardless of circumstances no more than an absolute maximum of less than 1% cpu usage when nothing happens in the NOW moment.

And also, consider a high-speed throw-out of any security related bugs, including those that are of annoyance rather than being a severe error. And make sure users aren’t locked out!

Please put Mac OS X back to its impressing origin state of e.g. the Lion version, if it is not too late.


%d bloggers like this: