Thursday, January 22, 2015

Dropbox Pulls a TurboTax

So Dropbox ended support for PowerPC. That happened. Going forward, their client will require Snow Leopard, and not only that, but the old clients will stop functioning so you'll only be able to access your data through their web interface. The official cutoff date is May 18, but to try mitigate this and at least get Dropbox to allow PowerPC users to continue using their old clients, Martin Kuka─Ź from viva PowerPC has posted an open letter urging just that. You can read the whole thing here:

http://vivapowerpc.blogspot.cz/2015/01/an-open-letter-to-dropbox-team.html

Also, to add your voice and show Dropbox there's still a demand from PowerPC users, you can go to their forums and post to this somewhat long thread, or even start your own.

As for Dropbox alternatives, I hear second-hand that SugarSync still works with their old Tiger client (direct download). Also, you can try Unison, which I wrote about awhile back. If you're syncing several PCs/devices with Dropbox and only one PowerPC Mac, perhaps you can sync your Dropbox folder with Unison. It's not totally seamless, but it may be workable. If you want to share files with a group of collaborators, you can look into Box.com. They support WebDAV as does Cyberduck, so uploading or downloading the latest file versions with Cyberduck as your client is simple and quick. And if you're accustomed to using Dropbox to transfer individual files to and from your iOS devices, DropCopy can do that for you, too (Tiger and Leopard users, download the Older Version).

As for me, I don't sync on the cloud. I use Unison to sync over my home network. I have to take my Luddite nomenclature seriously.

UPDATE: The editors at LowEndMac have put up a petition at Change.org: Continue to support Dropbox on Mac OS X 10.4 and 10.5.

Monday, January 12, 2015

Getting Started With pkgsrc

Package managers are fun. Package managers are an easy way to get updated software onto your system and keep them up to date, and also an essential tool in maintaining a legacy system like OS X on PowerPC. The best known package managers on OS X are MacPorts and Homebrew (Tigerbrew on PowerPC), but there's another one from BSD land called pkgsrc. Sevan from GeekLAN has made a repository of pkgsrc binaries available for PowerPC users, so here's a quick rundown on how to start using pkgsrc.

Open Terminal.app and enter the following to download and install the pkgsrc tools (all one line):

curl -s http://sevan.mit.edu/packages/bootstrap.tar.gz | sudo tar -zxpf - -C /

Then add the following two lines to your ~/.bash_profile (you can create the file if it doesn't exist):

export PATH=/usr/pkg/sbin:/usr/pkg/bin:$PATH

export PKG_PATH=http://sevan.mit.edu/packages/All/

(don't leave out the trailing / on that last url) Tiger users can then use "sudo nano" to open /usr/share/misc/man.conf and add this line (Leopard instructions are slightly different, please reference the above GeekLAN post for details):

MANPATH=/usr/pkg/man

Finally, close the Terminal window and open a new one so that your new paths are in effect. Now you can begin installing software. Let's say you want GnuPG for use with Enigmail or to encrypt files and folders with gpg encryption, for instance. Simply enter the command:

sudo pkg_add gnupg

You can also try the "-i" option if you're feeling social. After 20 seconds or so the install should be complete and you'll find your gpg tools in /usr/pkg/bin, all ready to go.

So what are the advantages of pkgsrc? You'll notice no compiling was necessary, in contrast to MacPorts which compiles everything, including dependencies already native to OS X. There's a good reason MacPorts does that, but still, it takes forever. Homebrew alleviates this somewhat by relying on native OS X frameworks instead of installing its separate set of dependencies, but Homebrew embeds itself in your /usr/local, which makes it hard to get out of the way if you're juggling more than one package manager. Pkgsrc creates its own directory, /usr/pkg, which can easily be moved with the mv command when you need it out of your path.

The binaries Sevan has built are easily browsable at sevan.mit.edu/packages/, so go check it out.

Package managers are fun. You can use them to install simple console programs, or you can install groups of dependencies that can allow you to compile software, like this person who compiled RawTherapee to run on Leopard.

More on pkgsrc here, including how to build packages from source.

Thursday, December 18, 2014

OS X PowerPC Security Holes Katy Perry Kate Upton Chili Hot Dogs!!!

Given that Leopard and below are no longer supported by Apple, it's reasonable to expect security holes to pop up every now and then, and though Apple will never officially patch them, us PowerPC users can at least come up with the necessary workarounds. The only problem is, news of these vulnerabilities is a bit scattered, so I wanted to put up one post that's a compilation of all the security holes you should be aware of when running OS X on the PowerPC platform--hence the clickbait title, I want everyone to see this (sorry Katy Kate fans). This post will also be linked on the right and updated as more security exploits are discovered.

Here's the big list, and honestly, this is mostly about linking to posts on Cameron Kaiser's TenFourFox Development blog since he wrote the bash replacement below and knows just as much as anybody:

1) Yes, the bash that comes with your PowerPC Mac is compromised. Cameron Kaiser was nice enough to build a new version) that fixes the security flaw so us PowerPC users can rest easy (also works for Snow Leopard).

2) SSLv3 is no longer safe. The solution here is to update TenFourFox and Tenfourbird to their latest versions which disable SSLv3. Webkit browsers that depend on the system SSL libraries remain vulnerable.

3) Certain versions of OpenSSL have a hole. Older OpenSSL-based libraries bundled with Tiger and Leopard are not vulnerable to this specific bug, but if you have versions 1.0.1 to 1.0.1f installed on your system through Macports or Homebrew/Tigerbrew, you'll want to update to the latest version.

4) That handy tool sudo, giving you root access from the command line, is vulnerable to an exploit. Check this post for the solution and also look down to the comments on how to use nano in case vi is a mystery to you.

5) Flash is not safe.

6) Java is not safe. I've seen links about installing Open JDK 7 on Leopard, but I don't know how feasible it is. You could also put Debian on a separate partition and run the latest Java from there.

7) Finally, your Firewire ports are vulnerable to physical attack. You can check out Adam Albrec's Security Mode scripts to secure your laptops from this and other vulnerabilities.

As said, this post will be continually updated with developing news. Hopefully the list won't get too long. ;-)

UPDATE:

8) And I've been informed of yet another one. The Diginotar SSL certificate is compromised. This was back in 2011 and was the first time Apple released a security update that didn't include PowerPC, so maybe that's why I blocked it out. Follow the step-by-step instructions at $ ps | Enable (their mpkg automator didn't seem to change things for me) to clear your system. This flaw only affects you if you use Safari or another browser that accesses your system's SSL certificates. It does not effect TenFourFox.

UPDATE II:

9) Via TenFourFox Development again, there are potential vulnerabilities in OS X's ntpd (Network Time Protocol daemon). This is used when you sync date and time automatically with Apple's time server in the Date & Time System Preference. I say potential because the typical user won't find themselves vulnerable, but people using ntpd in more elaborate ways should read the referenced blog post. A new version compiled for PowerPC is linked there for download.

Monday, December 8, 2014

Lock Down Your Mac With Security Mode

You may recognize Adam Albrec as the author of PPC Media Center, a suite of Applescripts that serves as a GUI wrapper for youtube-dl, and as a past guest poster here. Well, he's back, this time with another package of Applescripts called Security Mode (download at bottom of post). If you've ever wondered what it would take to completely lock down your PowerPC laptop in the modern jungle out there, this is what you've been waiting for.

Along with the Applescripts comes a very extensive Read Me file that has a lot of general tips as well as how to use/edit the scripts. In all honesty, I'd never heard of the Firewire vulnerability before perusing the Read Me, and I'm supposed to be on top of this stuff.

So what do the scripts do? As Adam writes:

The primary app is a simple toggle that will change your laptop to a 'Secure Mode' which implements the following security features:

- A password is now required to unlock the screen on waking the system from sleep (like after having the lid closed), or once the screensaver has become active.

- The unit will have the screensaver activate after 10 minutes.

- The display will sleep after 20 minutes of inactivity.

- The system will sleep after 30 minutes of inactivity.

- Firewire will be disabled - thus illuminating the threat of a DMA (Direct Memory Access) attack.

...

When toggled again, all the security features listed above go back to normal 'Home Mode':

- No password is required to wake the system or deactivate the screensaver.

- Both display and system sleep are set to 'Never'.

- Firewire will work normally.

As a convenient means of identifying the system's current security status, the Dock position will change in 'Secure Mode' to the left of the screen, and back to the bottom in 'Home Mode'.

The secondary helper app SM Fw-Disabler, when set as a login item, will make sure that whatever mode the system is in when it is shut down, will continue when restarted until the user chooses to change it.

Both scripts store your user name and password in plain text, so you need to keep the scripts on an encrypted volume. FileVault instructions are included in the Read Me for this purpose. Also...

As stated in the script comments, all the settings in the script including the sleep/screensaver times and Dock position changes can be set if the above are not to the user's liking. Those who are great at Applescript will have no trouble at this, but for those who might like some tips, just leave a comment here on the blog and I'll reply ASAP.

Finally, the Read Me concludes with some not-commonly-known tips on PCMCIA expansion bays, Open Firmware passwords, and TrueCrypt. All in all, this is great stuff, so download the scripts and the Read Me at the Mediafire link below:

Security Mode.dmg.zip

(ADDED: This can also be useful for Snow Leopard. It'll take some tinkering with the Applescript, but leave a comment and Adam will be glad to help.)

Friday, November 21, 2014

An Offline Password Manager

I'm not a huge fan of the cloud. It's not just for tinfoil hat's sake. I've seen just enough server repositories and companies fail that I hesitate to truly trust them with my data security. I'd rather just back up my own stuff and do all my syncing over my home network. The one exception I've made is with Firefox Sync, where I can sync all my bookmarks, history, and passwords across the various TenFourfoxes and Iceweasels I have. But I've been thinking lately about those passwords and the ways Firefox sells password security short.

It's not just that it's in the cloud (though encrypted). Firefox keeps passwords in plain text on your hard drive unless you secure them with a master password, and if you pick a good password it starts to be inconvenient to enter it every time you start the browser. And if you're going to put up with a little inconvenience, why not just use an offline password manager?

Offline password managers have the inconvenience of a couple more clicks but have the advantage of making you completely responsible for your own passwords. They're stored on an encrypted file on your hard drive and no one else has access. You never have to worry about how LastPass or Firefox Sync are storing your passwords or which institutional entities have the keys to the kingdom.

I'm not completely willing to give up the convenience of Firefox Sync. For the vast majority of my passwords, I don't hugely care about security. They're mostly forum passwords and sites I don't even remember registering with. But for sensitive passwords for banking, Paypal, or anything financial-related, I want to keep those out of Firefox Sync and encrypted on my hard drive. And it just so happens there's a password manager for this that's cross platform and still runs on Tiger PowerPC: it's called KeePassX.

Setup is pretty self-explanatory. You just start a new database and enter your passwords. One cool feature is it rates the quality of your existing password and also features a password generator with many parameters like password length and whether it's pronounceable. From then on, you just copy your password to the clipboard with a click and then paste it into your web page's password entry (Firefox usually auto-enters the username).

Some of you (okay, nearly all of you) might be bothered by the OS X icon. One generous soul, however, contributed their own, much better, icon in this KeePassX forum post. I couldn't get their .icns file to work, but I saved the .png image displayed in the post, used FastIcns to convert it to my own .icns and installed it in the app package (by right-clicking and choosing "Show Package Contents" and then finding and replacing the original .icns image).

Another forum post features an unofficial version of KeePassX with global auto-type: Global Autotype for OS X: at last! This allows you to hit a key combo without having to switch to KeePassX to copy a password. It's a universal binary, but it doesn't launch on Tiger, so I guess it requires Leopard.

One caveat when using KeePassX on Linux: KeePassX erases your password from the clipboard after several seconds, but some clipboard managers (I'm looking at you, Parcellite and Glipper) don't respect this and still keep your super secret password displayed in their menu. Something to be aware of.

Some people report good results syncing their KeePassX database file on Dropbox, but that kind of defeats the purpose of keeping your passwords offline, so it's not for me.

One fun thing about this is going into Firefox's password manager to delete your sensitive passwords and seeing all the crap you registered for in the past. I'm apparently signed up on cracked.com. I have beautiful taste.

Thursday, October 30, 2014

Lude Smuggler Will Not Be Suppressed

So I was perusing through Macintosh Garden in the arcade section, taking a trip down memory lane, when I noticed something not quite right. They had MacLanding and Missile Command and even its awesome clone, Ground Zero™, but still, something was missing. Lude Smuggler!

Lude Smuggler, for the uninitiated, was a re-skin of Lode Runner, which for a time was the addictive game de jour before Tetris and Cranky Birds or whatever. The object of Lode Runner was to dodge a bunch of enemies while collecting bags of gold and escaping to the next level. Lude Smuggler was the same, but instead of bags of gold, they're supposed to be bags of ludes.

So after failing to find Lude Smuggler on Macintosh Garden, I went googling to find some confirmation of its existence and couldn't find anything. I googled Lude Smuggler with quotes and got this:

Lude Smuggler search result

Can this be? Can there be literally no record of Lude Smuggler on the entire World Wide Web? No, no, no, no, no. This cannot stand. I know the drug war is taken to ridiculous extremes, but this is going too far. I knew I had Lude Smuggler on some hard drive somewhere, or at least on a floppy, so I became determined to retrieve it and upload it to the hallowed halls of the 'Garden.

So I got out my Power Mac 7100, which was my only Mac with a still-working high-density floppy drive, and hooked up my LCD monitor (with like a thousand adapters) and fired it up. Still works! And it turns out I did have Lude Smuggler on a floppy. Great! Now I just need to network it to my PowerBook and I can upload it from there.

(Author's note: Okay, I wrote about 800 words here about everything I had to do to get it to my Powerbook, but I'm cutting it because, frankly, it makes me sound crazy. Tl;dr version: it was a bitch.)

So finally Lude Smuggler is re-introduced to the masses. You can download it at its hopefully permanent home at Macintosh Garden and be smuggling ludes like a pro in no time. Here's the icon which my young impressionable mind would forever associate with "greasy":

Lude Smuggler icon

And here's a screenshot:

Lude Smuggler screenshot

My wasted youth.

Thursday, October 16, 2014

A New Notebook for PowerPC?

Roberto Innocenti emails me that he's started a project to deliver a new PowerPC notebook in the DIY tradition of the Novena Project and the pi-top, only significantly more powerful. Apparently he intends to team up with an Italian motherboard producer and will present his project plans at Linux Day 2014 in Milan. According to Mobile Linux News, the laptop will feature upgradeable components such as the video card, RAM, and SDD/HDD. It will also be 64-bit with altivec and multi-threaded capabilities, and will fully support gnu/linux as well as OS X virtualization.

You can follow along with the project's news at PowerPC-Notebook.org. Needless to say, if this became a reality you could knock me over with a feather, but stranger things have happened. Like Apple switching to Intel. ;)

Saturday, October 11, 2014

Mac OS 9 is a Lightning Rod

Apparently debating the merits of Mac OS 9 is very 2014. Via TenFourFox Development, all the hubbub was kicked off by an Ars Technica article* about living with OS 9.2.2 for a few days, which was followed with a rebuttal from Riccardo Mori at his blog. Some previous points of view on the subject are from The Vintage Mac Museum and LowEndMac, but I wanted to use this as an excuse to point to a Mac OS 9 Lives Forum thread which reveals how to boot OS 9 on MDD FW800 Power Macs.

(UPDATE: This note was left in the comments: Flashing the G4 FW800 MDD is no longer needed and it is not the preferred approach, we now have a Bootable 9.2.2 Install CD (with Modified ROM 10.2.1) that will boot unsupported G4s and Install 9.2.2. You can get the CD ISO image at www.macos9lives.com/smforum or at www.thinkclassic.org)

First sold in 2003, the FW800 models were the first Power Macs, and only G4 Power Macs, to not boot OS 9. This remained the case till over a decade later when this Mac OS 9 Lives thread, "Downgrade firmware of FW800 for OS9 comp", appeared. The whole thread is incredibly long (these were a dedicated, persistent bunch), but I'll just point to this post which has the actual solution. Basically it involves flashing the firmware with an older version that supports booting into OS 9. This works for the FW800s because the earlier firmware is for a very similar MDD model.

Efforts are also underway to duplicate this approach with other Macs, and the thread, "Mac Os 9 boot on unsupported iMac G4", reports limited success. Perhaps this won't work so well on other models because the only available firmware downgrades are too old and for too dissimilar hardware. It sure would be nice seeing an aluminum PowerBook booting OS 9, though.

As far as I read, the only limitations on the MDD are the disabling of the Firewire 400 ports in OS 9 and the Firewire 800 port running only at 400 speed, also only in OS 9. In OS X everything works fine. But for that, you get an OS 9 booting machine for your FW800, and now you too can join the online Mac OS 9 wars! Small price to pay for having access to all that great audio, productivity, and gaming software from the '90s-'00s.

*WARNING: That Ars Technica article is like weaponized banality.

Monday, September 29, 2014

8.6 Software Install Disc for Sawtooth AGP?

(UPDATE: Disc image found!)

Chris Nova from Mac OS 9 Lives has put out a call for a certain Software Install & Restore disc. This one's very rare, an 8.6 one specific to the Sawtooth AGP (not Yikes). Apparently they were bundled with Sawtooths only for a couple of months back in 1999, and not one has made its way onto Macintosh Garden or any other Mac archive site.

Here's a Mac OS 9 Lives forum link to the thread where Chris lays out the full details. If you can report a sighting of one of these rare birds, click on over and drop Chris a line. :)