Jump to content
tanuki65

Use PowerPC for a week?

Recommended Posts

Going back to the core of using some form of PowerPC for a week -- it's not really a very interesting challenge. Buy a Quad, put 10.5.8, Office 2008, iWork and TenFourFox on it and pat yourself on the back for a job perceptibly done.

 

I think introducing the OS 9 element is what makes it a more interesting and realistic challenge, because a good G4 or G5 will (eventually) render every web page I need and I can use all my documents in Office 2008. The workflow will be annoying because I don't believe Office 2008 came with Office Document Connection, for easy access to SharePoint, but it'll be doable. At worst, whatever I write on the PPC will be a .doc or an .RTF instead, at which point why not just use TextEdit anyway?

 

Perhaps hilariously, yesterday I was actually thinking about how nice it would be to have a fast G4 or a G5 of some kind on hand so I could run Final Cut Studio. I would be able to do it offline, but I had some video clips I needed to cut together and iMovie on my Mac mini is very oddly behavior for what I wanted to cut (1440x900 screen recordings, it scaled them down to 1366x720 and chopped off the top and bottom.)

 

The phrase "Legacy Hackintosh" actually came up as a potential way to run my old boxed copy of final cut studio 2.

Share this post


Link to post
Share on other sites

I also remembered that 2008 can do docx files natively, that was one of the big points of 2008.

 

So, I'd be set in terms of my daily productivity.

 

I wouldn't recommend it because I fear that old versions of Mac OS X are going to be insecure and problematic online, but I could do it with no real trouble.

Share this post


Link to post
Share on other sites

2004 also does it with the compatibility pack. (So will Windows Office 2000/2002/2003, if you're running at least 2000.) Combine with native WebDAV support and you should be good to go.

Share this post


Link to post
Share on other sites

What Cory said, because I have a Quad 2.5 PPC that I use with all the updates I can find, all sites, YouTube no problem even 1080p, it's a normal Snow Leopard Intel Quad.  I think two things should be restricted:  Limited use of other (networked) computers, and OS 9.  That would be a challenge for sure!!!

 

Laters...

Share this post


Link to post
Share on other sites

Well, no. But maybe he meant that to him it feels similar to a "Snow Leopard Intel Quad" (2006 Mac Pro, most likely) in terms of performance and features?

 

c

Share this post


Link to post
Share on other sites

Yeah, I have an Intel Quad 2006 at 2.66 with 16 GB of RAM an ATI 5770 with Snow Leopard, then I have a PPC Quad 2005 at 2.5 with 16 GB of RAM and a ATI X1900 with Leopard.  I keep both machines "mirrored" as much as possible with almost identical apps except that the Intel has CS6 and the PPC has CS4.  They run very similar with the browser patches, and math programs.  One thing that is way off but I don't use on these anyway, is Handbrake, the Intel crushes the PPC.  Oh and the Intel can be left on 24 hrs a day, the PPC can't (LCS viscosity), but it boots up quick just fine.

 

But as far as snappy I was able to get a newerTech 3.5/2.5 SATA Bracket, to mount an M500 Crucial 480GB SSD inside and I have 3 partitions with Leopard / Tiger / Classic, and it purrs quietly no fans ramping up, and launches PS and AI in 2 seconds, along with most other apps.  And the SL/intel with 2 SSD RAID 0 240x2=480 has the same response, I mean you can't really get any faster. 

 

In Summary, they are both COMPLETELY USABLE.

 

But you know I was reminiscing about "our" 68K/PPC families and the computer industry was kinda moving along just fine until Apple kinda misconstrued it a little.  What did Apple do?  They made computing so Video-Centric!  It's like the benchmark of a computer was strictly based on what FPS video you could capture for about 5-10 years and playback without frame drop , and still is to this day.  While the Windows/PC world construes the pc world by the FPS you get with your Video card (in games)!

 

I don't really consider those two benchmarks the end all be all for a computer, hence I chill on 68kmla.org.

 

But that really hurts good computers that have jobs that they can do.  I mean look at a "real" simple calculator on your desk?  It's not really a calculator any more it's kinda like a physical app, but it still has use being able to just go 442*33 = 14,586. Presto.  But what kinda FPS can the video be captured at? (NONE) and does it get over 120 FPS in Crysis? NO! it's a flipping calculator on your desk, still works, and is COOL!

 

People still ride bikes even tho you can take a car or a truck, you know?

 

So yeah these machines still work, well.  I think when people start to understand the nature of what that computer really is sitting on there desk instead of saying when I can't rip a DVD fast enough, "it's dead and useless" that's crap!

 

Laters...

Share this post


Link to post
Share on other sites

I don't know... I mean I wouldn't want to use a bike in the modern world - it'd be insecure and problematic, after all ;)

 

While it's hard to fault someone for being overly concerned about IT security, it's a bit misleading to talk about security as if it's equal across platforms. Some people on here think old means it MUST be insecure, not recognizing that things can be completely different from one another, so something that matters to one is meaningless to another. For instance, OS X is built from many, many different parts, and each part has its own set of security issues. In total, there are more security advisories for OS X' parts than for any single version of Windows.

 

WHAT? How can that be? Say it's not true, John!

 

No, it's true. What matters, though, is that most exploits in the UNIX world require some form of actual access, like a local user account or something like that. Windows, on the other hand, considers the Internet to be a user of the computer (ha ha ha - I'm only half kidding), so significantly more vulnerabilities on Windows are usable as attack vectors. And no, saying that nobody attacks Macs because there are more Windows systems is like saying nobody would want to rob a bank because there are more donut shops. Donut shops are definitely easier, but banks clearly have more money.

 

I can elucidate, if desired.

 

I don't agree with Cory5412's summary that old == insecure, because I have not found the trove of high profile intrusions in to VMS / OpenVMS sites or tales of how System 7 / 8 / Mac OS 9 systems are being overrun by bandits. When I've asked about ACTUAL, exploitable vulnerabilities in Leopard, I got none. I was genuinely interested, because I'm still running Leopard on several public servers, and aside from updating OpenSSL and a few daemons using it, they're pretty stock.

 

Old does not mean insecure, even though old may imply insecure.

Share this post


Link to post
Share on other sites

Sites running VMS/OpenVMS are probably government related and won't be giving out information on hacks unless it is very important.

 

There seem to be a few hacks going around that target small to medium size companies that end up getting their data encrypted and you must pay for a key to use your data again.

 

I think most systems or specific interfaces (routers for one) to those systems  are insecure because they no longer get bug fixes. Its not just the OS but programs you run or hardware you connect to the system or ports you just leave open. Since most people want their hobby systems to get on the net, but have no real data they are worried about and probably don't have bank information on those systems they don't care about hacks. Even a secure OS running over WEP wireless can get your data stolen. I guess as long as those systems that can be hacked are not online 24/7 connected via networking to important systems you are probably ok.

Share this post


Link to post
Share on other sites

Sites running VMS/OpenVMS are probably government related and won't be giving out information on hacks unless it is very important.

 

There seem to be a few hacks going around that target small to medium size companies that end up getting their data encrypted and you must pay for a key to use your data again.

 

I think most systems or specific interfaces (routers for one) to those systems  are insecure because they no longer get bug fixes. Its not just the OS but programs you run or hardware you connect to the system or ports you just leave open. Since most people want their hobby systems to get on the net, but have no real data they are worried about and probably don't have bank information on those systems they don't care about hacks. Even a secure OS running over WEP wireless can get your data stolen. I guess as long as those systems that can be hacked are not online 24/7 connected via networking to important systems you are probably ok.

 

We'd have learned about OpenVMS intrusion kits from the black market if they existed. We did learn about some flaws and elevations, but that's all.

 

Software updates and firewalls can't fix stupid. This ransomware software targets stupidity - you have to download and install something in the case of Macs or GNU/Linux, or you have to visit the wrong web site with Windows. Anyone who lets Windows clients have full rights to all of the files on network shares get what they deserve - either a versioning filesystem should be used (or one with snapshots), or backups should be run so regularly that no more than a few hours worth of work gets lost. It's dead simple to see when a Windows client is trying too hard to access more files that it should - I wrote a shell script which does this by examining samba logs on a file server, and it fired each and every time some crappy virus scanner tried to scan the whole network volume.

 

In addition, I have lots of clients who have legitimate reasons to use Flash because they're in the entertainment industry. Each and every person has clear instructions to NEVER update Flash on their own. Why? Because they might just believe one of those stupid "Your Flash needs to be updated" sites. Instead, whenever there's an update, I download the updater, let it download the actual updater, then extract that updater, then zip it, then send an email to everyone with a proper, recognizable https URL so they know when to update.

 

This has nothing to do with older systems, anyway, since these attacks are against up-to-date, fully patched systems.

 

"Even a secure OS running over WEP wireless can get your data stolen." is not true. That's because sending data over cleartext would be defined as insecure behavior, so any assumption about the security of the underlying media is already a sign of problems.

Share this post


Link to post
Share on other sites

Like I have always said since the 1980s - "Security is a state of mind. If you're not secure, what does that say of your state of mind?"

 

I do not update unless I have too and by then I usually buy a "new machine." I still run my PowerBook G4 and iBook G3 as my everyday machines. and I still use PowerPC and 68K regularly on a weekly or bi-weekly basis, ass needed. So to me this is not a challenge. Now.... getting on the internet on a Vic20 with only 16K RAM, that is a challenge! A real Vic20, not an emulated one.

Share this post


Link to post
Share on other sites

Within reason anything is possible. It would be difficult but a text-based browser like Lynx could do it if ported for the Vic20. There are Text Based Browsers for the Apple II series, so one for the Vic20 is not too far-fetched.

 

Remember The USA and USSR sent men and robots into space and to the moon on computers with less power than a TI-30 calculator.

Share this post


Link to post
Share on other sites

The question about getting a VIC-20, or a Sinclair ZX81, or any other modest computer on the Internet has more to do with actual communications than anything else. There are some pretty small TCP/IP stacks out there for 6502, Z80, whatever, but the real question is how does one actually communicate? PPP takes memory and creates overhead, plus requires a serial port. Ethernet? How much state is your TCP/IP stack going to contain? BTW - the Apollo computers had much more computing power than a TI-30. Maybe you're thinking of the newer, fancier, programmable TIs?

 

But this post is about PowerPC. I sincerely wish Apple kept security updates coming for older OSes a little more. If Leopard had updated SSL, for instance, it'd still be pretty darned modern.

 

Speaking about PowerPC in modern times, it's interesting how POWER is now being sold as more secure because we don't have these mysterious bits of hardware in the CPU which do things we know nothing about and capabilities about which we can only speculate:

 

http://www.phoronix.com/scan.php?page=article&item=talos-workstation

 

I definitely think "the cloud" will be shown to be completely insecure because it's nothing more than a marketing push to get everyone to put everything in to a big collection of x86 machines, each of which is running hypervisors which can allow access to data without the intermediate OS or end user ever knowing. Perhaps PowerPC (the platform) is more secure than we realize.

Share this post


Link to post
Share on other sites

Is it trivially possible to "hack" an updated SSL implementation into Tiger or Leopard?

 

If one could do that, then it's be pretty nice for those who'd rather use a PPC as their main computer.

 

I mean, people have created "unofficial" service packs for Windows 98, 2000 and XP, so how come someone doesn't do that for OS X?

 

It can't be *that* prohibitively difficult, can it?

 

c

Share this post


Link to post
Share on other sites

Well, I've done something like that - I've compiled OpenSSL, Apache and other tools, and replaced system binaries so that newer Apache would get loaded when I turn on the Software Update Service, for instance, but I have no idea how to create new libraries for software like Safari to use for SSL. It's not a bad idea. Maybe Cameron would have some thoughts.

Share this post


Link to post
Share on other sites

I think you are right on the TI-calculator statement I made, JohnKlos. :D But I have link to share with all of you if you are adventurous to build it - somebody reversed engineered the Apollo computer and got the software and OS run on it. Pretty impressive little box!

You can start from here and follow the links along...  http://www.galaxiki.org/web/main/_blog/all/build-your-own-nasa-apollo-landing-computer-no-kidding.shtml

 

Back to PowerPC...

 

Since I'm on PowerPC G3/G4 99% of the time the only issues I have is with some streaming sites (wanting an updated Adobe Flash which is not possible for these machines) and Google/Apple Drive systems. Other than that, I can get on at least 96% of all sites I can go too, and do 3D rendering with a Java Based program from SweetHome3D (sweethome3d.com) on a G4 on OSX 10.4! There are a couple of plugins that fail on SweetHome3D, but I can slap together a building with it with no problems! Meanwhile - on a few PCs I have on Win XP/7/8, SweetHome3D crashed due to a OpenGL Library problem! I've updated those libraries again and again and it still crashes on those machines!

 

I'm glad that somebody is working updating SSL on 10.5

Edited by Elfen

Share this post


Link to post
Share on other sites

I think two different issues may be being confused. I probably created some of that confusion.

 

There are a few different aspects to security, and one of the ones I talk about a lot, without doing a good job of saying what I'm doing, is controlling access to a system. When access to a system is granted (or taken) a user (authorized or not) can do two things:

  • access data
  • run programs

(Depending on the type of system it is, anyway.)

 

I suspect most people's hobby computers don't have very much in the way of important data on them. The really important bit is going to end up being the "run programs" bit.

 

The reason I question the wisdom of running old UNIX and NT systems online is because for a very long time now, computers have been powerful enough that if somebody remotely connects to your system and uses it to, say, send e-mail, you're really unlikely to notice.

 

I agree that in terms of documented things that have actually happened in the real world, routers are a bigger problem than Mac OS X systems, but it's something that I think is worth being aware of.

 

The other component of access, access to data, is going to be possible even on systems that have no or very little (or completely removable) concept of "remote control" -- but that's really going to be a situation where, for example, old versions of the AFP protocol aren't encrypted, or if you were careless with a password and don't have an automatic lock-out policy, somebody could simply guess their way in.

 

Though, if I had to make a totally wild guess: a lot fewer people are randomly scanning networks for open port 548 than they are for open ports 139/445, 3389, 21, 22, etc.

 

 

I don't agree with Cory5412's summary that old == insecure, because I have not found the trove of high profile intrusions in to VMS / OpenVMS sites or tales of how System 7 / 8 / Mac OS 9 systems are being overrun by bandits. When I've asked about ACTUAL, exploitable vulnerabilities in Leopard, I got none. I was genuinely interested, because I'm still running Leopard on several public servers, and aside from updating OpenSSL and a few daemons using it, they're pretty stock.

 

I don't recall making a direct statement that old == insecure. If I did, I definitely renege on it now, (and have been for a few years) because the thing that worries me most about network security and vintage operating systems is really about systems that are on the cusp between new and old where an attacker could use the system for plenty of nefarious deeds (spam, * reflection, DDoS attacks, unauthorized cryptocurrency mining, whatever) without being detected by somebody using it. Pretty much anything new enough to run 10.5 but old enough not to run 10.11(1) is worrying from this perspective. 

 

Interestingly, mere weeks after you asked for actual exploitable vulnerabilities in Leopard, in a thread where you talked about knowing about all the parts of Leopard, the shellshock vulnerability was publicised. Shellshock is probably as close as we've gotten (so far) to something that on some types of UNIX systems has allowed totally random and unfettered remote access to code execution without a pre-existing account or the involvement of a web stack. On some Linux distributions, it goes as far as a certain DHCP flag being able to run commands as the root user.

 

Fortunately, Mac OS X is not Linux and has shielded bash from some of the other parts of the OS in different ways that made it a little bit more moot, but I think that you have to admit, the potential is there, and we found out about it after only about 22 years of that vulnerability being in the code. (Also, Cameron Kaiser published a patch.)

 

I like Mac OS X(2) , and I've honestly been starting to have pangs of The Nostalgia for that particular timeframe(3), both in terms of some of the hardware Apple built and in terms of Mac OS X (even though I'm on record as saying I don't want a 10.4-10.6 era system because I've got my modern Macs and they do just fine.)

 

But, I'm not going to put it on my main LAN. I just don't trust it that much, nor do I have the energy and time to do the work needed for me to want to trust it. That doesn't mean you can't, although I don't think it's unfair for me to put my take on it up online.

 

 

Sites running VMS/OpenVMS are probably government related and won't be giving out information on hacks unless it is very important.

 

OpenVMS (and other "mini" operating systems such as OS/400) are interesting because you don't hear about security vulnerabilities on them. I haven't researched it closely, but OpenVMS and OS/400 (now called iSeries I believe) are different enough from UNIX that I don't think most attacks that can be done to UNIX systems are going to work on them. They're a more valuable target, but shops running these systems are a lot more likely to employ professionals to secure them (than somebody who buys a G5 off the street is likely to know how to secure it or to hire someone to run it securely.)

 

These systems, like UNIX and NT, are built (at least today) around remote access and with sufficient privileges, can do all the same things I worry about on NT/UNIX, such as run mail software and tools that'll ping network ports for reflection attacks, and so on. I think the differences are that UNIX was really engineered with a lot of different things in mind, and VMS/iSeries and other mini and mainframe operating systems were engineered from the start with the idea that banks would be running it.

 

Some of this stuff is so pervasive on these platforms that you find it in their hardware as well.

 

But, I agree with johnklos that these systems aren't so obscure that there's nobody looking at them, running at them, or trying to find out what's wrong with them, regardless of hat color. OpenVMS hardware is common enough that HP is still running (or allowing? I forget) the hobbyist licensing program, and AS/400 stuff, while slightly less common, is still not impossible to get your hands on, and I know a bunch of people who are running it in their homes.

 

Would I put up a VMS 5 box online? Probably not, but if I were to do so, there's probably less to worry about than with anything based on UNIX. perhaps this is a situation where I know just enough to be afraid of NT and UNIX, but not enough about VMS/i to be afraid of them.

 

---

(1) There are known security vulnerabilities related to unauthorized privilege escalation in Mac OS X 10.10 that Apple is not fixing, for whatever reason. If you have a modern Mac, you should be running the most recent version of Mac OS X on it, or be planning on upgrading. I don't know why Apple has switched to essentially abandoning the directly previous core OS on literally the day of the release of the current version, especially when in the early 2000s Apple threw security patches at old versions of OS X all the time, sometimes a few major versions back.

(2) Or at least I like the idea of Mac OS X. For several years, Mac OS X seemed to be on a steady performance decline.

(3) The good old days when I was a certifiably crazy, foaming-at-the-mouth raving Apple fan.

Share this post


Link to post
Share on other sites

Raw performance is interesting. I'm so very guilty of tossing it around as a proxy for talking about what makes a computer "usable." A lot of this has to do with just how much horsepower it takes to render modern web sites. A lot of it has to do with the fact that modern commercial desktop operating systems are so heavy.

 

It's convenient to use things like cinebench/geekbench scores or even web rendering scores to talk about the usability of a particular system because in a lot of cases, if the scores are low enough, that's going to be a huge, direct impact on the system.

 

And that's one of the reasons I like to point out that the Quad G5 is not a normal PowerPC Mac. It was over twice as fast as any other PowerPC Mac ever built. This makes it special and neat and collectible, but from my perspective, it also puts the Quad in its own category. You can't really talk about the Quad and say that because the Quad has enough horsepower to do $THING reasonably well, PowerPC Macs in general can do that thing reasonably well.

 

Another thing specifically to remember is that even the first generation Woodcrest Xeons (such as the dual-dual 2.66GHz chips in the Mac Pro 1,1) were anywhere from "consistently" to "massively" faster in terms of raw computation than the Quad G5. At first, a lot of this performance was mitigated by the fact that many applications were still running in Rosetta, but Intel was a big boost in performance. (Sidenote: Looking at the anandtech review, I'm struck by the fact that they didn't have a Quad G5 on hand and wish that they had.)

 

I don't really consider those two benchmarks the end all be all for a computer, hence I chill on 68kmla.org.

 

One of the more interesting things about this thread has been different takes on what makes a computer usable.

 

In the late '90s and early 2000s when this site was started, and I first joined it, the only real differences between a good Quadra that was about fifteen years old and a brand new Mac, when you had it booted into Mac OS 9, were performance, and in some cases, specific versions of software you could use.

 

Hardware performance was increasing a lot, but for the most part, there wasn't always a great incentive to upgrade hardware (or, if you were literally an elementary school child, as I was, you couldn't have afforded it even if there were a good reason) if you had patience or you had limited needs. A lot of the people on this site at the time were people who were using slightly older systems and were finding a lot of success with it.

 

Today, because of the differences in the core structure of Mac OS X (the whole "UNIX" problem I address in my previous post, above) and because performance increased tremendously from 2000-2005 and then again tremendously between 2005-2010, and because average web sites today not only need modern rendering technologies, but pretty powerful processors, I don't think we're in a situation where it would be quite as reasonable to use a fifteen year old Mac with its shipping OS as your primary Internet computer.

 

It's probably possible, but the experience is going to be just abysmal, before you even consider the fact that a lot of what Apple built in the 2000s has proven to be physically unreliable in one way or another (LCS systems, 1.8GHz single CPU G5s, BGA graphics issues, prematurely brittle plastics, most of Apple's newworld PPC laptops ever, failed/weird displays, faulty power buttons, and that's not even getting into capacitor issues).

 

One of the interesting things we have today that "we" didn't necessarily have (or we had but it was a lot less accessible) is BSD and Linux. If you like Apple's hardware and you want to, you can run Linux on it and get access to Google Chrome or the newest mainstream release of Firefox. On the other hand, I don't blame people for not liking that as a "solution" because I think for many people, what makes a Mac is Mac OS X, and the fact that Final Cut and inDesign and Word are there sitting right along-side cat and vi and pipes. It was one of the more unique aspects of the Mac as a platform in the early 2000s when Linux was much more difficult to get running than it is today, and when a more traditional UNIX system was either slow (Ultra5-Blade150/O2) or massively expensive (Blade1000, C8000).

 

That said, I think that something different and really special has come onboard instead: sufficient hardware for many tasks has become very cheap. Between things like last year's contra-revenue Bay Trail tablets like the WinBook TW700 and HP Stream 7 and more traditional (regular revenue) $200 laptops, it's not hard to get hardware that will run Windows or BSD/Linux and do so... well enough. It's more than you probably paid for a Quadra or a Performa at a garage sale, but it's a lot better than where we were in terms of new hardware in the late '90s and early '00s.

 

So, I'm personally not too distressed by the idea that computing is harder to come by just because old versions of Mac OS X are insecure.

Share this post


Link to post
Share on other sites

Sorry for posting three times in a row. It's been a slow night and a bunch of things got discussed. I wanted to break it up into a few different sections.

 

 

Speaking about PowerPC in modern times, it's interesting how POWER is now being sold as more secure because we don't have these mysterious bits of hardware in the CPU which do things we know nothing about and capabilities about which we can only speculate:

 

http://www.phoronix.com/scan.php?page=article&item=talos-workstation

 

I definitely think "the cloud" will be shown to be completely insecure because it's nothing more than a marketing push to get everyone to put everything in to a big collection of x86 machines, each of which is running hypervisors which can allow access to data without the intermediate OS or end user ever knowing. Perhaps PowerPC (the platform) is more secure than we realize.

 

It will be interesting to see how the Talos workstation does. It's very costly, but it's still a lot less costly than... say... a Blade 1000 was in 2002. I hope that this thing succeeds. There's some other efforts on the Amiga scene, and some of those are spinning out into a more generic system more tailored for BSD/Linux.

 

I also personally hope to see some effort put into desktop linux on hardware like the nVidia Sheild TV.

 

This is so tangential, but it'll be interesting to see how "the cloud" does, long term. Ultimately, it's a new name on a lot of really old ideas -- timesharing, remotely hosted resources, computing as a utility and not as a capital investment or asset.

 

In terms of hypervisors: behavior like that is considered a security flaw, as generally a hypervisor is supposed to be able to completely separate the virtual machine from the host OS. Passing data back and forth between the host and guest OSes is a product advantage in a tool like VMWare Workstation or Fusion, but is generally not done on the server side of things, and may not even be possible to configure with tools like bare-metal Hyper-V and VMWare ESX. (whereby "may" I mean "I've used these tools and the options to integrate the host with the guest, outside of drivers for the virtualized hardware literally do not exist.")

 

I'm personally not worried about the management instrumentation on x86 systems, but I hope this system does well and that people who do value that type of control or knowledge of their hardware make a point of buying one. I don't know if not having mysterious bits of hardware will directly lead to better security.

 

I fear that that type of thinking will lead to situations where people will go "oh yay, security by obscurity!" (as opposed to security by design on systems that happen to be niche or obscure) and then do something like never patch. Should a shellshock situation ever come up again, those people would be wide open.

 

Combined with other (more "traditional") security patches, it certainly won't hurt.

Share this post


Link to post
Share on other sites
It's interesting to think that in some ways the picture of security is clearer because of the greater number of security issues. It seems, then, that each major component in an OS can be said to be insecure in either (1) a way that affects normal operation, or (2) a way that does not.
 
For instance, shellshock was pretty much irrelevant to Leopard because the default shell then was tcsh. So, people who prefer bash enough to change their default shell heard about shellshock and could do something about it. Didn't know or didn't care? Then it didn't affect your Leopard system.
 
Likewise, all the reflection issues with NTP are irrelevant unless you're allowing queries to your machine. Are you running your own NTP server? Yes? Then you know and have handled it yourself. No? Then it doesn't affect you. The same applies to DNS, Apache, and so on.
 
The reason I still support some Leopard systems boils down to things they do well. File services in later versions of OS X are more idiosyncratic and Apple's Server tools these days suck horribly. They make me feel bad for Windows admins because the mystery surrounding their behavior makes me imagine that I'm experiencing what Windows admins go through regularly.
 
With AFP, people can select "Connect To Server..." from their Go menu in the Finder, and they're sharing files. AFP is encrypted, and there still aren't any CVEs for AFP servers in Leopard (or CVEs for AFP clients which haven't been fixed). But I'm probably the odd one out who still has a legitimate desire to keep something like a Leopard Server not only in use, but actively connected directly to the Internet. Of course I monitor it and would get notified the moment any account gets used for anything outside of the context of AFP, but that makes sense for all servers. In my opinion, it's much better to have a system that's old that one knows and has configured very carefully than to have a fully up-to-date default whatever GNU/Linux distro of the day where security is just taken for granted.
 
But really, the value I see in PowerPC systems is that they can do things that other systems can't quite do, or can do but not quite as well. Take Final Cut - there's no Final Cut equivalent on Windows. There just isn't. Media Composer is a completely different workflow, and Premiere can't be used for anything of any complexity. If you just want to transcode tons of footage to ProRes on a modest RAID, then cut like crazy, there's no equal. Sure, Final Cut X is fancy, but people who cut features are still more inclined to prefer older Final Cut Studio.
 
Final Cut on a Power Mac G5 is STILL a viable option these days and can even handle ProRes 4444. The best part is that someone on a budget can have one indefinitely for far cheaper than a modern system, and with lots of good software for a fraction of what that software would cost for modern versions. The same goes for Adobe software - older Photoshop and Illustrator work quite well, so instead of dealing with the security and billing nightmares of Adobe, one can have all that software for next to nothing, for ever, on an older system.
 
 
The hypervisor thing and how it relates to Intel's Management Engine, though, is another matter and one I think I've misexplained. I'm not saying that there's this "feature" of either current hypervisors or Intel's CPUs that does this - I'm suggesting that the various government agencies which have shown no regard whatsoever for the Constitution, the Bill of Rights or the letter of law are already making use of compromised hypervisors in "clouds" all over the planet to collect data surreptitiously. Heck, I'd even say it's not crazy to imagine they had a hand in the marketing push for the "cloud". Imagine if you were them and you wanted access to more businesses' data, but all of those larger businesses were still running their own servers on-site. What would you do? Of course, you'd encourage them to move that data to places which were much easier to get to.
 
The Intel Management Engine, FYI, is tiny controller in every Intel CPU which has unfettered access to everything - ring 0, memory, DMA, caches, microcode, you name it. But guess who knows exactly what it does, how it's programmed, what its safeguards are? You probably guessed correctly - none of us! It's partly why China has been moving to a natively built CPU. Literally every Intel system made these days has one. The capabilities Intel admits are scary enough - imagine if a rootkit could be made which allowed modification of the ME's code? Game over, literally every Intel system everywhere!

 

 
Now imagine - just suspend your disbelief for two minutes - that the Intel ME has been in the pocket of those we-don't-care-what's-legal TLAs for years. Go ahead. Let that sink in.
 
Support for alternate platforms, both for the sake of code robustness and for the sake of system resiliency, is never a bad idea. 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×