XAMPP for PowerPc

If you are at all interested in hosting a simple (or complex) website or doing some experimentation from your older Mac, I do recommend grabbing the incredibly useful XAMPP to make the process a little easier.

XAMPP is kind of a self-contained install of the Apache httpd server with PHP and CGI turned on, a MYSQL server, an FTP server, and some other tools and documentation. It’s cool, because it comes with a little tiny app that lets you turn off the services as you see fit. You can run it when you want to try out different configurations or different websites.

For Leopard, the basic Apache httpd server isn’t that older than the last available XAMPP package for G5 machines. My base Leopard httpd server is 2.2.7 while the one included in the XAMPP package is 2.2.14. Still, that includes some bug fixes as well as newer versions of PHP and MySQL. If you are going to run old software, might as well run the last version of it you can find.

Note: I do believe, using MacPorts or TigerBrew or something, you can get a more recent compiled version of httpd (2.4 series) – maybe even doing it on your own. You are likely better in that scenario of turning to Linux if you really care about security and want things fully patched (and maintained).

For now though, having access to an older version of XAMPP is still kind of fun to mess around with. Grab it here.

Another note: It is generally not recommended to copy over the httpd server in Leopard with a newer one. Now, it should technically work – we are talking about bug and security fixes from 2.2.7 to 2.2.14, for instance. However, it is probably best to be safe, keep backups, and just use an alternative like XAMPP which messes with system internals as little as possible.

— Nathan

Tips & Tricks to Access Your G5 While Far, Far Away

Many of us in the States (and potentially elsewhere) take some much needed vacation time, visiting friends, family, and far off places during this holiday season. You may want to access your G5 to get at those critical documents, outdated games, or whatever it is you might want to do. In that case, here are some ways to do it.

Obviously, with Leopard’s strong UNIX underpinnings, you can easily access your G5 via SSH, if you so choose. I won’t go into that here, because unless you are running a server, it’s probably not the most effective way to access your computer. But, it’s an awesome possibility and probably the most secure option when you set up an ssh key for your remote device.

Another easy option is to keep using Dropbox, which yes, still works for our Leopard Macs (for the time being). You can use the online Dropbox interface or a favorite iOS app to get at any crucial files and save you security headaches. Easy stuff.

But let’s say you prefer to access a specific email account that is setup on your G5 or want to get some work done without bringing a bunch of files. In that case, VNC is your solution.

VNC allows you to share your desktop remotely and interact with your computer like you were sitting in front of it. You’ll need a VNC server, which Leopard has already built in, and you’ll need a VNC viewer. Leopard has one built in as well, but you might have better results with something like Chicken of the VNC. In my experience, it’s just a bit faster.

To get your VNC server going, just open up System Preferences, go to your Sharing settings, and click the check box next to “Screen Sharing”. You will want to fiddle with the settings, of course. It’s absolutely crucial that you create a password. Choosing the first option, allowing anyone access, saves you a little hassle from logging in to your user account first, but it’s probably safer to leave it off. Back in the main settings pane, if you have multiple accounts, I’d recommend choosing just one or two users who have access in this way.

Screen Sharing settings

You may need to do some tests from another computer to make sure it works, but the most important step is to insure your router forwards VNC traffic directly to your G5. Every router is a bit different, so consult its documentation on how to setup port forwarding. The default port is 5900, so the easiest way is to funnel any traffic on that port in your router to the same port on your Mac. Be sure to give your Mac a permanent internal IP address as well, so you don’t have to change the port forwarding rules every time your router resets.

For a little more security through obscurity, you could use a port of your own choosing and have the router internally connect to your G5 on 5900. The purpose is to turn away any bots or hackers who may be trying to access any computers via that commonly used port. Running a separate VNC server gives you more options in this regard to fine tune your settings and security. I’d recommend taking a look at Vine VNC, which works great on PowerPC machines.

Testing internally (from within your LAN) is a piece of cake. Bonjour is awesome and will advertise your Mac’s screen sharing server right away. Testing from outside your network is a little different. You will need your external IP address and get to a place (like work/coffee shop/library/etc). Write in that external IP with the default port and password, and you should be in. If it doesn’t work, work you way from the top of this article to see what went wrong. Most of the time it is router related.

What are the risks of opening your Mac to the outside world? If someone did get access, they can do anything they want. Delete files. Send email on your behalf. Surf to salty websites. Or ruin your Fallout character. So, use screen sharing only when you must.

Last and not least, a bonus tip: Power Mac G5s can consume a lot of electricity, so it’s pointless in my opinion to leave them running 24/7 especially if you aren’t using them. As an added layer of security, I setup my G5 to boot up at a specific time and shut down fairly quickly automatically. For example, I might have the G5 start up at 4 PM EST and shut off at 4:30 PM EST everyday while I am away. Pick a time that works for you and that only you know. That way, if you need access, you can wait for that time, log into your Mac remotely, shut off its schedule (or modify it), and work on what you need to work on. You save electricity, and you provide a smaller window for someone who wants to get your archive of precious GIFs.

Did I miss anything? What are some of your tips and tricks?

Have a great holiday season! See you in 2016!

— Nathan

Security

Dan at PPC Luddite is a good dude.

He posted a great resource which links to all of the latest security fixes revealed in recent weeks. It’s handy to go through and make sure your Mac is secure. Find it here.

Here’s a few thoughts from me –

I no longer do any online banking or shopping in Leopard. I have other more updated computers, including my iPhone 6 Plus that work better at that anyway. Granted, I am pretty trusting of TenFourFox, but still, it’s good to be cautious.

If your G5 isn’t on the internet, then you don’t have to be too worried. Hackers can’t get to your Mac if it isn’t plugged in (shocker, I know). At the end of the day though, the simplest security breaches happen when someone has physical access to a computer. You can be locked down behind the world’s greatest firewall, but if the thief can get to your machine by hand, you’re in trouble.

When you do get on the net, be careful and thoughtful. Most routers have a decent set of default security features that prevent an outside source from accessing your machine remotely. If you do open up your firewall for remote access to your G5, make regular password changes to be on the safe side. Consider limiting access to only a certain ip range. Turn off any extra file sharing services that you do not use regularly. Consider using one of the AppleScripts linked to in the article mentioned above to lock your Mac down even further.

A slim positive for us PPC users these days is a sense of obscurity. Hackers are not going to spend a ton of time targeting what few machines of ours exist out there. They are going for the big fish, but that doesn’t mean you still can’t get in trouble via a universal type app built in Java or a good old fashioned fishing website. Leopard’s BSD underpinnings also means there might be openings in common programs like bash, apache, etc. to be aware of. Stay connected to your broader PPC community to see what has been discovered and what workarounds exist, if any.

Be thankful you have a Mac. Everybody has upped their game in recent years, making even recent versions of Windows far less of a target. Macs still have a stellar security record. I’ve only had a single experience in over 20+ years of using Macs (starting with a Mac Classic) of dealing with a virus, and it was a Microsoft Word macro bug that got cross-pollinated to my lab machines from some Windows computers. I know others have had worse experiences – others have had even better. Your mileage may vary, but be glad you still use a damn good computer with a damn good OS.

— Happy holidays ya’all, Nathan

Don’t BASH me

According to our good friends at TenFourFox and numerous other tech sites around the world, BASH, that great little command line shell built into Mac OS X, has a major security vulnerability.

More bad news – since Leopard, Tiger, etc are so old, the hope of seeing an official patch of this vulnerability are next to nil.

But now the good news – there is a (unofficial) fix. TenFourFox to the rescue! Follow the instructions to download a patched BASH and replace your existing shell with the updated one. It’s a straightforward process that includes some example commands to make sure you are indeed affected and patched.

This is just another reminder of why our old machines are not getting more secure. Other bugs and vulnerabilities may indeed exist. If your machine faces outward, serving webpages, files, or whatever, keep in mind that you are operating at risk. This doesn’t mean you will be hacked, but it’s something to keep in mind and stay vigilant about.

– Nathan