Jump to content
johnklos

Flash version 16 for PowerPC

Recommended Posts

Flash versions have been growing like crazy lately. It seems that the modified Flash version which gave PowerPC users some respite is now too old for certain sites. I've updated the Flash plugin to report itself as version 16.1.102.64. This, I hope, should last a few months.

 

Get it here:

 

http://www.klos.com/~john/flashppc.zip

 

Flash is pretty insecure. I'm not sure whether there are workable exploits, but to be on the safe side, I highly recommend ClickToPlugin, which keeps all plugins from loading until you click on the item on a web page which is requiring that plugin. It has a nice side effect of making most YouTube videos play as HTML5, which means you can download by right clicking. Heck, I recommend ClickToPlugin for ALL Macs. It'll save battery life, too, on laptops.

 

http://hoyois.github.io/safariextensions/clicktoplugin/

 

Install the Flash plugin by dragging "Flash Player.plugin" into /Library/Internet Plug-Ins/. I've tested this with YouTube and Hulu. Enjoy!

Share this post


Link to post
Share on other sites

Out of curiosity, what sort of machine are you viewing YouTube and Hulu with? A few weeks ago I dusted off my old 1.67 Hi-Res Powerbook and slapped TenFourFox on it, and, well... I can't say the results with HTML5 video were particularly encouraging. I'd probably have to do some more in-depth testing to say it if was actually worse than my old 1.4ghz Pentium M Dell but it definitely wasn't good.

Share this post


Link to post
Share on other sites

I'm using a 1.67 GHz (overclocked) Mac mini. It plays standard definition perfectly, plays most 720p HTML5 videos without stuttering, and plays Hulu without stuttering 90% of the time. It also edits 720p ProRes LT just fine, too, surprisingly.

 

TenFourFox is nice, but do you have the option of turning off all plugins except what you want to run, like you can do with Safari when using ClickToPlugin? I find that most sites have so much extra junk running that if they're left on, everything suffers.

 

Obviously, PowerMac G5 systems have no problem with Flash or HTML5 video.

Share this post


Link to post
Share on other sites

TenFourFox doesn't work with plugins so that's not the problem. ;) (I think the only extension I had installed was Adblock Plus.)

Maybe someday I'll wipe the crufty Tiger install off it and see if it works better after a good cleaning but perhaps it's just a matter of perception. As it is it seemed like anything compressed with H.264 is pretty much hopeless at resolutions greater than VGA even if played directly with Quicktime.

Share this post


Link to post
Share on other sites

When I was trying to use a PPC Powerbook for playing videos (first a 1.0 GHz Titanium, then a 1.5 GHz Aluminum with 1 GB RAM, and finally the same one upgraded to 1.67 GHz and 2 GB RAM via logic board swap), I found that the only OS where I had decent results was Leopard with VLC 1.1.12 or 2.x.x (playing videos under Tiger was terribly difficult for some reason, and when I could play them, they stuttered like mad). That being said, you might try upgrading your PowerBook to a clean install of Leopard and rerunning your tests before you write it off as uselessly slow.

 

I used my 1.67 GHz PowerBook online for awhile (for testing), and I found it to be adequate for most things, though using it definitely required some patience.

 

c

Edited by CC_333

Share this post


Link to post
Share on other sites

I'm able to watch youtube decently on my PowerBook 15" (Mid 2004) using Flash 10 and Roccat* Browser.

 

Its specs are:

Mac OS X 10.5.8

1GB RAM

160GB HDD (Split with 10.4.11 install for classic)

1.5GHZ PowerPC G4 7450

 

As for HTML5 on TenFourFox, that actually performed worse than Flash 10 under Roccat browser, even when I lowered the quality to 144p or 240p.

 

I will test HTML5 under Roccat and see what the results are.

 

*Roccat is a Modern Browser based on Webkit that is still developed for PPC macs that run OS X 10.5.8, it's a nice web browser, and isn't very resource intensive.

Share this post


Link to post
Share on other sites

I really don't the whole Ranting about not using PPC OSX online. Between the low amount of exploits that run on PPC and as long as the machine is behind a firewall hardware preferably but software is fine or both if your really concerned the risk being compromised is pretty close to nill. Heck I still run Win2K & Win98SE behind my network firewall for internet use and its never been owned. I'm not suggesting sticking ether of them on a direct connection to the net just saying if you have a proper network installation preventing access from the outside and don't do dumb stuff like install random binaries offered up via popup you are as safe as your going to get. Like my Network design professor said "if you want a completely secure system unplug it and smash the HDD with a hammer." if someone wants in bad enough they will find a way all you can do is make hard enough that they look for easier targets.

Edited by jholt5638

Share this post


Link to post
Share on other sites

To expand on what IPalindromeI said, there are a... uh... growing number of reasons why running old versions of Mac OS X on the Internet is a bad idea.

 

Security is a complicated issue, so get your tea or coffee and settle in. Hopefully this reads as informative and helpful and not as a "rant."

 

Firstly, you're correct, no amount of security is actually total security. That having been said, your network design professor would have been remiss if they ended the statement there and didn't talk about what levels of risk are acceptable, etc. Just because security is hard doesn't mean we should give up.

 

You live in the United States, and you haven't specifically mentioned a predilection for your telco, so I'm just going to presume that you have cable Internet, generously, let's call it 30 by 5 megabits.

 

What that means is that somebody who compromises one of your boxes has five megabits worth of ability to send out malformed packets to bigger systems online in order to do things like reflection attacks, or only needs to use a little bit of your incoming throughput to send out five megabits worth of NTP/DNS responses, or can send out five megabits of spam or phishing e-mail from your IP, which does work on most ISPs in the United States. (Even though I'd argue that that should be blocked along with incoming 25, for residential connections that don't order a static and specifically opt to open 25.)

 

Five megabits per second is a whole lot of spam messages.

 

And, today it's not about getting your data or just causing damage for the sake of damage. It's about either getting you to pay up (cryptolocker, and other ransomware) or using your resources to make money (there's malware that mines bitcoin for Windows, for example, plus malware like pushdo/cutwail, and on a Mac OS X system, the attackers are just looking at a regular BSD system, which already has a mail transfer agent built in.

 

So, firehose of spam aside, here are some things to consider!

  • With IPv6, which has been enabled by default since 10.4, your Mac has a direct, public IP address. Statistically, you have Comcast, and they are either finished or almost finished with their IPv6 depoyment, so unless you're intentionally running a router way slower than your Internet line can handle, such as a WRT54 series device, then you have IPv6.
  • Mac OS X has never shipped with the firewall on by default, for IPv4 or IPv6. This persists today, at least for upgraded installations of 10.10. (I upgraded it from 10.6.8.)
  • Heartbleed didn't affect Mac OS X, because Apple is slow going on certain aspects of the system, but it was a vulnerability that was discovered that affected computers on which OpenSSL was installed in some pretty surprising ways.
  • Shellshock does affect Mac OS X! In fact, it should affect everything from 10.3 and forward, because this error has been in bash for over a decade. When it rains it pours and when shellshock itself was discovered, like five or six other critical vulnerabilities were found in bash. I'm pretty sure there are still people patching the code. Fortunately, Mac OS X is a little bit better off than linux, and from what I've heard using DHCP for remote code execution on a Mac won't work.
  • There might be other vulnerabilities similar to Heartbleed in Shellshock, and some of Apple's design decisions for Mac OS X may even prove to work against the overall security of the system at some point. The terrifying thing about shellshock is that bash was released in 1989 -- it is 25 years old -- and it has had this vulnerability since the beginning. This vulnerability was discovered, literally, on it's 25th birthday, so just because something is old doesn't mean it has been thoroughly tested and audited yet, or that anybody actually knows what's going on in a single component of an operating system, let alone an entire operating system built on components like this.

There is a patch for Mac OS X to fix Shellshock, in the aforelinked (and related) thread, but this is a great time to mention that the points I brought up in Older Mac OS X Security Discussion came true shockingly quickly. This thread which was started in August essentially prophesied shellshock just about a month ago.

 

The biggest reason a few of us make sure to drop at least a subtle reminder to think about security in most threads like this discussing the use of PowerPC computers as daily workstations is because most people who are looking at Macs just aren't thinking about finding non-Apple patches to an "internal" part of the operating system that they're not likely to look at. In fact, many Mac users (most of them?) aren't even aware that those components are there or what those components can do. I would say that we have a proportionally low amount of that population on this site, but that they are there.

 

Ultimately, none of us can stop you from running older software on your LAN or even directly on the Internet, unfirewalled, with its own unique public IP address, but we can at least attempt to make you aware of the potential problems. For example, most people don't seem to be aware of the fact that Mac OS X shipped with IPv6 and with it enabled, and what the whole point of IPv6 is.

 

The question that has been brought up is whether or not it's worth it for there to be a page on the 68kMLA Wiki (as an example of where it could be) with a guide on how to harden older versions of Mac OS X after the fact. Not just discussing the possibilities, but actually patching problems as they come out. Some people (such as Cameron Kaiser, who ports Firefox as TenFourFox and who released the aforelinked shellshock patch) are sort of involved with the process, but they only seem to get vocal when a really big security bug is found, and nobody seems to be interested in, say, updating CUPS, etc.

 

The guide would have to both be a practical information guide on how Mac OS X is configured when it ships and how you can change the configuration, and it would need to have mirrored copies of Apple's updates available (or at least links to Apple's combo updaters), and it would need to have information on security events after the release of that version of Mac OS X, and whoever maintains it (johnklos might be a good candidate) would also need to be somebody who keeps up with the CVEs (because I only run operating systems that are getting updates from a community or vendor, I don't specifically follow CVEs) and other security issues, and ideally somebody who can actually produce the patches for the page.

 

Also, let's be honest, this is a Mac site and not all Mac users actually have the self awareness to do things like not click on unknown links, not run unknown binaries, and not joining unknown wireless networks. (remember: it's not all about the network perimeter, the network perimeter of your LAN means nothing when you're on your iBook or PowerBook and you take it to a cafe or a restaurant and you join an unknown network and as part of the association process, you have to talk to an unknown DHCP server.)

 

Somewhat ironically, those people running Linux on their PowerPC Mac hardware are actually hit a lot harder by the shellshock bash vulnerabilities, due to things like the unknown DHCP servers and the fact that on linux, you can run any command you want, as root, through the DHCP client on the system. That goes to show more about the value of patching frequently than to be a specific indictment of Linux or a specific praise of Mac OS X for some of its different design decisions. (That can be another thread if somebody wants.)

 

The reason I call out patching linux is that some people like to go "Well, I'm running Ubuntu 8.04, clearly I'm more secure than Mac OS X 10.4" but that's only true to a certain extent, and at some point, an unpatched operating system is an unpatched operating system and something will affect it.

 

"What about Classic Mac OS?", you may ask. That's a good question!

 

The participants in this thread may already know this information, but this is on a public part of the web site and our web site gets googled and used as a resource by a lot of people.

 

Mac OS X is based on UNIX, and the only difference between desktop Mac OS X (which "doesn't have a mail server") and server Mac OS X is the management interface. What this means is that Mac OS X "client" does have all of the server components from Mac OS X Server. There's a DHCP server built in, a mail transfer agent, an FTP server, any number of text-based mail clients, the web server, the SSH server, printer sharing server, file server, SQL/database server, and so on down the line. Most of these things are turned off, but some enthusiasts turn things on, and a vulnerability like shellshock actually introduces the possibility to enable services remotely simply by way of routine requests the computer makes, or by tacking things on, say, to requests that mediawiki makes.

 

Also, connecting to a Mac OS X machine and sending mail from the command line on it is the same as connecting to an IRIX, Tru64, Solaris, HP-UX, AIX, Linux, Net/Free/OpenBSD machine and sending mail from the command line, which means that for somebody who remotely compromises such a machine, there's essentially no learning curve to start using it.

 

Mac OS 9 is its own thing, and has essentially no underpinnings whatsoever. Everything in Mac OS 9 is provided by extensions, and without the right extensions for it, it doesn't have AppleTalk or TCP/IP built in. That's OpenTransport's job. As such, unless you installed ASIP onto your box, you can be reasonably sure that you don't have the code for a DHCP/DNS server or a mail transfer agent running around.

 

In addition to that, Mac OS 9 doesn't really have a unified way to remotely issue commands to the system. There's remote AppleScript, which needs to be enabled, and which you can kill by tossing the extensions into the trash. There's no system shell, however, and when one gets added (mpw for example) it's not universal to all UNIX systems, and you don't have people going "It's UNIX, I know this!"

 

Windows 9x and Windows NT have a similar relationship to each other as Mac OS 9 and Mac OS X. Windows 9x integrated a few more things into the operating system itself than Mac OS 9x did, or at least made them slightly more difficult to extract, but most of the same stuff applies, with the exception that some of the server code Microsoft doesn't include in Windows, namely a mail transfer agent that I know of, but that's because Microsoft wants you to buy a copy of Exchange.

 

Oh, that and Windows 9x does have a shell, but it's not super commonly remotely accessible, at least based on what's built into the system.

 

So, I hope that's helpful. Keep in mind, I mention PowerPC a lot, but these issues all affect Mac OS X 10.6 and very soon 10.7 as well. Owning a modern Mac is, for better or worse, an exercise in keeping up with a technology treadmill. Fortunately, that treadmill is becoming easier to keep up with as Mac OS X hasn't increased system requirements since 10.8, and 10.10 runs better on the oldest hardware that supports it than 10.6 did.

Share this post


Link to post
Share on other sites

I can agree with that and makes since. I do forget many people don't have the knowledge how their system actually work and for the most part don't want to know. They rather have it just work and not the how & why. As for my ISP I am on Time Warner soon to be Comcast. For my LAN setup Cable Modem <-> FreeBSD acting as Firewall/Router with three nics one connected to the CM another (10.0.0.x) handles my modern devices such as updated desktops, mobile devices, and "Smart devices" the third nic goes to another FreeBSD box (10.0.1.x) with a even heavier Firewall configuration and behind that all my legacy devices are connected. All configured without DHCP. So definitely not your standard setup but it is what happens when you have a Network Administration Degree and can't find work.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×