After trying all versions of OS X on my Macbook Pro I determined that for the best use of resources, and security while connected to the internet, the highest version of OS X that would be acceptable was 10.7.5. While 10.10.x (the freebee) was a total joke, it sends so much info to remote servers about my files, in the background without notification to me as to what it was sending or why it quickly became a security issue (I am in the music industry and produce my own and edit others work on my Mac, so sending any info to someones server without my authorisation is unacceptable.). Not to mention that while having 8G of ram on this Mac I only had about 3G usable for me to do my work while using 10.10.xx . I progressively downgraded doing a "clean reformat and install" of each version of OS X until I settled on 10.7.5. But this version of OS X is sending stuff to Apple and trying to simulate a DoS attack back to Apple servers who in kind return port scans. It is not my internet provider, not my router, not my cable modem, not my firewall it is infact Apple Inc trying to scan my system for something they can use to benefit them, for future sales or whatever BS reason they give. Even with that they are much more acceptable than MicroScam... oops MicroSoft. here is the log file from my firewall, doing a whois on all ip addresses the OS is contacting Apple who inturn sends back a port scan to access this unit (it's yelling 'Here I am!' so Apple can scan this unit without authorisation, notification or confirmation from the owner Me)
TCP- or UDP-based Port Scan | 3 | Sat Feb 14 13:06:37 2015 | 72.198.18.233:49547 | 68.105.28.11:53 |
SYN Flood | 1 | Sat Feb 14 13:15:52 2015 | 17.172.239.146:5223 | 192.168.0.12:61552 |
TCP- or UDP-based Port Scan | 1 | Sat Feb 14 13:15:54 2015 | 72.198.18.233:27493 | 68.105.28.12:53 |
SYN Flood | 9 | Sat Feb 14 13:17:08 2015 | 173.194.79.188:5228 | 192.168.0.12:61620 |
LAN-side UDP Flood | 2 | Sat Feb 14 13:31:55 2015 | 224.0.0.251:5353 | 192.168.0.4:5353 |
TCP- or UDP-based Port Scan | 1 | Sat Feb 14 13:32:40 2015 | 72.198.18.233:50269 | 68.105.28.12:53 |
SYN Flood | 7 | Sat Feb 14 13:33:56 2015 | 17.172.233.134:5223 | 192.168.0.12:61940 |
TCP- or UDP-based Port Scan | 1 | Sat Feb 14 13:36:31 2015 | 72.198.18.233:50848 | 68.105.28.12:53 |
SYN Flood | 91 | Sat Feb 14 13:58:42 2015 | 17.172.232.198:5223 | 192.168.0.12:62497 |
TCP- or UDP-based Port Scan | 1 | Sat Feb 14 13:59:20 2015 | 72.198.18.233:58023 | 68.105.28.12:53 |
SYN Flood | 438 | Sat Feb 14 15:34:21 2015 | 17.172.239.39:5223 | 192.168.0.12:64545 |
TCP- or UDP-based Port Scan | 1 | Sat Feb 14 15:34:53 2015 | 72.198.18.233:61714 | 68.105.28.12:53 |
SYN Flood | 122 | Sat Feb 14 15:59:50 2015 | 17.143.160.88:5223 | 192.168.0.12:65127 |
TCP- or UDP-based Port Scan | 3 | Sun Feb 15 11:16:58 2015 | 72.198.18.233:51891 | 68.105.28.12:53 |
You can say, "It's not Apple" all day and we both know you would be lying. Looking at the evidence this is Apple sending a signal beacon to the mother ship and awaiting further instructions, otherwise the owner would be involved giving authorisation or confirmation for this function or at least a notification. I have ALL auto update, keep updated and check for update options turned off. Had it not been for my firewall catching and logging all traffic, this transfer would go unnoticed except for a slow down of internet speeds... hum, it must be the service provider.... nope, just Apple, its in the TOS you accepted when you installed, or booted your system the first time.