Last Week on My Mac: The pioneers are winning

The safest choice is so often to stick with what you’ve got. If your Mac is currently running Big Sur or any earlier version of macOS, it’s far easier to watch what happens with Monterey over the coming couple of months before making any decision about when to upgrade.

I’ve already explained why this is a bad choice as far as bug-fixes go. The last version of Big Sur to receive any significant fixes, other than those of importance to security, was 11.5.2, released in August, over two months ago. Among the bugs fixed in 12.0.1 are several which have either been damaging to workflows or downright annoying. Two that spring to mind are misinterpretation of clicks/taps, which could send the windows of some apps flying across the screen, and the misleading charge figures displayed for Bluetooth devices such as wireless trackpads and keyboards.

The first of those affected MarsEdit, sometimes Messages, and a few other apps. Having clicked on its window to bring it to the front, the next click(s) were misinterpreted, usually causing that window to jump, and when a double-click to hurl it into into full-screen mode. Although it didn’t affect every app, as I use both MarsEdit and Messages a lot, I often wasted time undoing these errors and restoring order to my windows.

The problem with the charges shown in the Bluetooth menu bar item wasn’t as disruptive, but you knew that if you didn’t check that twice and relied on the first values displayed, they’d reflect trackpad and keyboard charges many hours ago. It was such an obvious bug that it’s disappointing how long it has taken to fix.

Stick with Big Sur, and you can be confident that those bugs will never be fixed, that your windows will continue to fly around when you least want them to, and you’ll have to remember to open the Bluetooth item a second time to make any sense of its figures. So too for many of the bugs which afflict macOS 11.

Last week, though, the penalties with staying on Big Sur or Catalina were spelled out in starker terms: if you want all the latest security fixes, then you must run the current release of macOS, as older versions, even though still in security maintenance, don’t get them all.

Many of us had already suspected this to be the case, but it was the careful analysis of last week’s upgrade and updates by Josh Long @theJoshMeister, Chief Security Analyst at Intego, which provided the damning evidence: more than 20 of the vulnerabilities fixed in 12.0.1 have been left unpatched in 11.6.1 and Catalina Security Update 2021-007.

I don’t think for a moment that Apple’s security engineers are deliberately withholding fixes from the two previous versions of macOS to ‘punish’ those who haven’t upgraded to Monterey. It’s far more likely to be a simple matter of cost and benefit. Fixing some of the known vulnerabilities can require considerable effort, in some cases as much as rewriting substantial parts of the kernel or one of its multitude of extensions. If the perceived benefits are low, and the costs of implementing a fix are high, it’s only understandable that some only make it to the current version of macOS. Apple’s priority is quite reasonably to ensure that Monterey is as good as it can make it.

This may change your approach to upgrading. Rather than assuming that benefits are limited, and potential costs could remain high until later this year or the next, you should ask whether Monterey isn’t the best deal available now.

It’s commonly said that ‘the pioneers take the arrows, settlers take the land’, as a justification for updating only later when initial teething problems and bugs have been fixed. In the case of Monterey, that couldn’t be more wrong. The pioneers are now benefitting from all the fixes Apple’s engineers have been working on over the last few months, and getting the full suite of security patches. Meanwhile, the settlers are left grappling daily with the same old bugs, and many of their security vulnerabilities haven’t been patched.

I appreciate that this is hardest for those wondering what to do from Mojave. The main cost – loss of 32-bit apps – isn’t going to change no matter how long you wait, and now that Mojave hasn’t had any security updates at all for over three months, and hasn’t been fully maintained for more than two years, it must be now or never.