I remember that there was an old lawsuit filed against people purportedly connected with fake anti-virus malware for Windows PCs, and the lawyer representing the victim as a plaintiff did a demonstration of it on a local news broadcast. From what it looks like in the clip, the lawyer used a PowerPC-based iMac, installed Virtual PC on there (back when it was designed to emulate x86 hardware on PowerPC Macs), did a clean install of Windows XP on the virtual machine, and downloaded the malware in question to show how the scam worked. That wasn't explicitly stated, but that's how I think he did it. It seemed like a pretty good way of isolating the malware from otherwise infecting the host system. Even if the malware attempted to escape, the fact it was running on Mac OS X on the PPC architecture would prevent it from being able to execute machine code.
theres never been a reported case of malware trying to escape a virtual machine to the host machine/attempting to exploit a vm escape vuln (not including docker)
Does anyone still make PPC-compatible viruses? Seems like it'd be the same issue as you'd have trying that with Windows 98, it's such a small userbase it's not a desirable target.
@@Kippeves good point, I could imagine someone doing it for the hell of it obviously. I'd assume most of those wouldn't be particularly malicious, but I could see that being a fun thing to make just because.
@@jdatlas4668 Yeah I feel like the modern malware for those systems would be akin to the malware of days of old: destructive just for the sake of being destructive. A lot of early malware wasn’t yet profit-motivated, it just fucked up your computer for the hell of it.
@@Kippeves PowerPC is still being made under the name PowerISA and they are used for Supercomputers/mainframes so ppc virus may still be made to attack a very specific target
@@Wileybot2004 Wow, I didn't know about that! Yeah, it sounds very feasible for spearheaded attacks to include PPC/PISA-attacks. Thank you for the information, you learn something new every day.
There used to be an old PowerPC virus I had found that worked by sending out emails, in bulk, using you as a middleman for there own attack. I had a Quadra Tower, before the G3 ever even hit shelves. Was really fun days. RIP uncle Brett.
Haha that Kitboga video was great! It was hilarious when they were logged into his PC, and they were like don't click on that, then he clicks on it and downloads another virus!
Glad to see some love for the entry level Digital Audio Power Mac! I had a similar question about taking Intel Macs online now that most are no longer getting OS updates, and browsers are leaving more of them behind.
It's really tough to exploit security vulnerabilities on PPC Macs. For one thing, to take over a machine, the exploit needs super-user privileges in order to run. Mac OS X blocks this by default. You'd have to manually run the system from the 'root' account and then totally disable all security measures for it to function. The last known PPC infection that did damage to me was the 'SevenDust/666 virus'. It only ran on Mac OS versions 7 through 9 and, when infected, would slowly flood a disk with one '666' file in each directory. The disk would get corrupted and wouldn't boot the OS, eventually causing you to format the disk.
In the next chapter, we will learn how to install the ATI Radeon HD 3850, the fastest AGP video card ever, in order to be able to decode pornographic streaming videos in HD, with complete security.
You might have tried doing a port or traffic analysis on the computer to see if it was trying to phone home or do anything malicious after the browsing. It may not be heavier applications that it was infected with, but something like a simple spyware.
the issue isn't odd websites you vists but rather a larger bot net randomly pinging your machine and then infecting. having now gained access to your network it can infect your modern systems since it has more trust.
Nostalgia alert - I had the (I think) 450MHz version of this machine. I loved that thing, until it was assassinated by a power surge. I kept the side panels as decoration, and they now sit on top of my bookcases.
Similar thing happened to my old PowerMac. I eventually made a suit of armour from its side panels and a few others that people left on the curb, I also used an iMac G3 shell as a “helmet”. It ended up being a great halloween costume.
I think the biggest risk is not viruses but unpatched software/OS problems that could be exploited to bounce over to other computers on the local network.
This, exactly. It is extremely unlikely that you are going to catch anything with unsupported vintage OSes on the virtue of them being literally incompatible with modern malware, but I would *never* call an old OS "secure". As an average Joe messing around with old browsers on old OSes, you don't need to worry about security issues, but if you are - say - a company producing something for a major corporation, and wind gets out that you are using ancient unpatched systems connected to the same network as vital IT infrastructure and/or a server holding top secret data, then malicious hackers are likely going to try to use that old system as their entry point, whether it's to spread havoc or to steal confidential data.
Malware is not the concern with using these machines online without any kind of firewall or other protection. The issue is the outdated security certificates, the fact that every bug and vulnerability in those old OS' is well known and documented, protocols that are outdated, etc. Malware isn't a concern but having all your data stolen is so damn easy most automated scripts can get it done. No complex hacking or anything, a script can just walk right in.
The reason no viruses to speak of work on it, is the ancient PowerPC architecture that it's running on. I wouldn't try this on an old Intel machine, because the instruction set might be similar enough to current Intel CPU's that some really bad malware could infect it.
Fun exercise! I do my retro Macking in QEMU, and didn't know about the InterwebPPC browser. It looks great, so I'll check it out! For Mac OS 9 modern browsing there is something… Classilla. But it is now getting stale too. I thought the hardest part of your adventure would be to find actual malware, but wow it is easy to locate sketchy things!
I guess there's a fundamental issue to this approach: you're essentially looking for the low-hanging fruit, which these days is *always* some form of trojan, because they're the easiest to make - not just for low-hanging fruit victims, but also by low-hanging fruit attackers. Something like retrocompatibility is just too much of a hassle in such cases. However, for someone knowledgeable enough, it's still easy enough to at the very least find well-known CVEs for zero-click attacks, which AT THE VERY LEAST can be used for spreading an attack across a network to find other computers to take advantage of - that downqfil website definitely looks more like it, but is still quite unsophisticated. So yes, please never EVER disregard security. AT ALL. Here's a quote I like on the topic: "In the real world, if you build a bookshelf and forget to tighten one of the screws all the way, it does not burn down your house"
No such thing as security. Anyone actually looking to do harm is going to get in regardless, the ONLY way to keep anything safe is to keep everything offline. Midling hackers get through government security daily, nothing the average person is going to have compares to that.
@@babayaga7434 Trust me, doing the bare minimum already mitigates most attacks, leaving only the ones that require spending dedicated time to you in particular as a victim. It's a matter of threat modeling.
I’ve been using Macs since the 90s. Once I got a virus from a CD installer for internet phone software. It was easy to remove. Another time a Zip disk got infected with a Windows virus. I guess I had some software like Norton that detected it. But it couldn’t infect my Mac anyway. And that’s it! There’s really not much in the way of viruses for Macs even today. I had the exact same G4 Digital Audio.
Just a heads up you can use a modern version of clamav to download the most recent database and transfer the file to an older version. This reminds me of when I got some ransomware on my windows xp vm but the payload couldn't actually run because it didn't work on xp. I only found it after running a virus scan (using the aforementioned method of updating the clamav database)
The thing about getting malware on a G4/G5 is that I'd imagine virtually no modern malware is compiled for PowerPC, and even when Macs were PPC, there was very little malware in comparison to Windows, not because OSX was more hardened, but because Apple had like a 3-4% market share and nobody cared Something I've noticed about .pkg and .mpkg installers, from dicking around a lot on my G5, is that a lot of the time, even if they contain Intel-only binaries, they'll still extract the contents to whatever destination folders they're supposed to go to. In other words, the package itself is cross-platform but the contents are not. So, even if a site were able to modify your system preferences to sidestep entering a system password, and it were to successfully do a drive-by download of some self-executing pkg, all that would happen is, it'd install some x86 malware that would sit there and do nothing.
@@BulletproofKuloodporny Thousands, I started in 94 and have been collecting since for almost every platform :) For archiving uses of course ;) Maybe a couple of times for people that have pissed me off ;)
@@BulletproofKuloodporny Would have to check, but it's all on a 500gb HD Think I recall it's a bit more than that though. Around 100 GB or so :) Quick edit, it's 111.43 GB :)
I think people overdo the "don't connect that old computer to the internet" thing. I mean, if you don't log into any sensible account of yours and you only use the thing for retro gaming and the like, is there actually that much potential harm? I really doubt it.
You've demonstrated an interesting point: malware in general only targets what's most probable to be "out there"; that means the more massive *CURRENT* platforms, so they in fact phase out old malware to target current hardware; your macos is so old that is unsupported not only for productive legit software but also for viruses/malware.Obsolescense (when not planned) is a blessing and a curse at the same time.
I mean the whole Mac lab got taken down by some virus when I was at SFSU in the 90s. And that was in the early PPC G3 era. And knowing how Universities take forever to get rid of old stuff (in some cases they can't dispose of old gear by selling it for legal reasons, and for other legal reasons they cant dispose of it without ensuring all data is wiped. So they just don't) I wouldn't be surprised is there is still some paper online with a nice chewy payload for PPC arch.
14:30 the system likely just crashed / kernel panic'd and then rebooted - I'd look in the logs when it occurs. It is interesting @ 11:42 how you can see System Preferences launching in the Dock right before it reboots. If that browser has some option to automatically launch a downloaded app, I'm curious if you turned that off whether it'd still reproduce.
Before watching this, i think the only malware possible would be things that run on a higher level language like a scripting language or something like Java. Mac's are already a low target though.
For people watching at home, security by obscurity only works against unskilled, untargeted attacks. If you want to be secure from someone who knows you exist, it's not going to slow them down much. That said, modern PPC malware can't be that common :P
True, but it's not exclusively SbO. I can't speak for the 7450, but the 7410 and older's lack of speculative execution, branch prediction, and the like does give less surface area for attack vectors. I'd feel 100% safe using, say, a dual 500 with OpenBSD online, even serving up pages fron it.
Yeah. The only way it wouldn't work is if there was something that patched the firmware. Since you would be using a CD or DVD to do the format / re-install, the installation media wouldn't be infected. Back in the day, you could make a boot disk get infected, which would cause the reinstalled media to get infected. As long as there's no contiguous access from infected writable media to the end point, you're likely fine. Using an external hard drive for recovery would likely add to the potential for infection after a reformat.
Btw, never use that spinning hard drive again? Why not plug it into a PC (which can't read HFS+) and format it, then format it again on a Mac. Zero risk for virus transfer. Whenever I find a USB thumb drive out in the wild, I always plug them in on my iMac G3 (booted into Mac OS 9), have a look at it, and reformat it. I gather that Mac OS 9 is a very unlikely attack vector.
Be careful as there are USB killer sticks out there that'll just dump a huge load of energy saved up in capacitors into the USB circuitry and at best blow a fuse, at worst kill the entire mainboard
"Who surfs on a highway?" Well, I don't know, who puts wallpaper on their desktop? :-} It's the same age as my iBook. Same clock speed too. And the more I look at the case, the more I want one. Being serious for a couple of seconds, I think the upgrade mania of the last decade may have done some good in that a lot of old malware that was knocking around the net for ages regardless of its usefulness may have been cleared away. Possibly. Maybe. I don't know. :) Oh haha! The Wonderful Web World's _ruthless_ forcing people to get rid of old browsers because for https they used an encryption protocol which might, under some contrived circumstances, be used for MitM attacks, does seem to be doing some good here. :) What websites do is, if a certain old and poor security protocol is supported by the browser, refuse to let it connect at all. This is because the protocol will downgrade security on glitches. MitM attackers could hypothetically use that by forcing glitches in the data stream. But people who are shipping malware from their own websites will want the malware to be their own, not someone else's, so they'll make sure their web server has this security trick. (MitM = "Man in the Middle") Hahaha! I used to know a lot of artists who used Photoshop on a budget. I'm pretty sure there's a _negative infinity probability_ of the 2022 version running for... let's say a whole minute of image editing, on this machine. :D Oh yeah, an adblocker is an important defense against malware these days. In 2015, I found ads hacking into the Intel GPU on my Linux box so that I had to reboot it to get tolerable graphics performance back. And then on the same laptop in 2017, I had the same problem with FreeBSD! It's because WebGL gives web pages direct access to the GPU, which is one of the stupidest imaginable technologies, right up there with 90s Outlook Express which would open files containing code without even asking first. If you think PDFs can be sketchy, Postscript documents could write files and run stuff! I'm kind-of sad because I keep thinking of the Mac keyboard firmware hack which was demonstrated years ago. It used the keyboard controller's ability to update its own firmware to infect it, then silently refused any more updates so it couldn't be removed. I hope that keyboard is USB.
2:41 please be careful with the "Netflix mailing out DVDs" thing. This ironically won't be misleading to most people due to ignorance, but Netflix does still in fact mail out DVDs in 2022.
you could have disabled invisible to check for invisible files. I used to have to do that to clean libraries and system prefs. It was the only way to keep mackeeper and other autoloaders off your machine for good. Sooooo many clients with mackeeper. Antiviral software wasn't doing its job. I always found all kinds of exe's and other files that were just kind of floating around. It was dangerous though.
Yeah the bigger challenge is just getting online, since most sites use newer https protocols that the old browsers don't support. No doubt there's lot of exploitable issues on those computers, but as mentioned it's just not a worthwhile target anymore. I don't doubt there's a few ancient servers out there still serving up old malware, but finding them is the real trick.
I occasionally browse the web on my Pentium 4 631 system, use it several times a week. It's running Windows XP Pro SP4, 32-bit. I've got 4gb of RAM installed, so it's pretty capable there, but the original 80GB HDD from '06 is still in. I've used Firefox 72, latest somewhat officially supported browser, with good results - I've loaded RUclips Studio, Instagram, even played back RUclips videos (several of yours) at 720P. But one day a few months ago I was searching for a way to crack Quake 3 Arena, I had bought the game on CD but my CD drive was stuck so its DRM wouldn't let me start the game without the disk. Went on a suspicious site, clicked download, several files downloaded and I got the "call this number that is allegedly Microsoft support and pay us to rid you of this virus" fullscreen popup that filled my 1366x768 Trinitron. But, whatever virus had downloaded couldn't run on the 32 bit Windows version. Crisis averted! (I've been using aforementioned system on the Wi-Fi of my dorm for several months with no issue, I have installed the network security patches for the sake of everyone else in the dorm though.) I never noticed anything weird like the crashes in the video, just browser crashes because of the single core processor with very little cache and the slower hard drive by today's standards. Interesting to see how an even older Mac system handles it.
I've allways thought the chances of getting a virus on an old computer where low and that does appear to be the case. You got one virus(maybe) after hours of trying.
I am not sure if old Macs are this unsecure, but Windows XP with the default firewall settings can literally catch viruses from just being connected to the internet. You don't even have to open a web browser and download anything sketchy. Just being connected to the internet will infect it. Modern routers with their basic firewalls prevent this and later versions of XP had a somewhat functional firewall too.
"is that really true?" Windows machines most definitely. Android and iOS, possibly. Mac OS or Linux? not as much but not out of the question, just less of a target in general.
"Don't ever click on a link on a PDF". Tell that to the IT geniuses at the company I work for, which sent me instructions to download the new VPN Client... on a PDF. 😅
RGB2HDMI to any capture hardware with passthrough would work though. I'm not saying that's what he uses, but it would do the job. If you look at Adrian's Digital Basement, he uses RGB2HDMI to capture VIC's/C64-era of hardware with OBS.
The only mac virus I got back on my G3 imac was a Microsoft word one that printed smiley faces non stop, well till I unplugged the printer. Was before I relay had internet, some time around 2000 maybe? Well the only one I know iv had touch wood.
1- I wonder what would happen if you used a modern OS like OpenBSD and browser ? Or maybe the modern but even more obscure would cancel each other out. 2- im surprised you didn’t try searching for some disgusting porn! 🤣
Malware usually requires users doing something careless. Just connecting to the internet is unlikely (but not impossible) to infect your computer, especially since you’re likely behind a router firewall too. I still use Windows 7 as my main Windows PC and keep getting told the same mindless “Oh, you’re gonna get infected/attacked.” responses from ignoramuses.
Windows 7 still has a huge market share in PoS and embedded systems so you're definitely not out of the clear yet. Yes, with common sense and an up to date AV you'll be much much less likely to actually get unwanted code to run on your system, however you're definitely not safe running an unpatched version of an OS that's known for its bugs and exploits. For production use its just not worth it IMO.
One of my favorite things about your channel is that you're sponsored by pcbway, which is an actual relevant service to people who might enjoy your videos. I haven't personally used them, but it seems like there would be plausible nerd-overlap. I could die happy if I never saw another "now here's a word from our sponsor - VPN service you DON'T need" ad.
you should know, if there's still applications being made for something on the internet, especially something that used to be common, it would still cause trouble. if you ever plan to put a machine on the internet, always run virus scans using up to date signatures. also there's still fairly prominent apps that have compatibility with ppc to M1 support, fre:ac still develops for ALL macs, so if there's still software being maintained and coded for it this long after, then it's not a stretch to say that these machines are still being used by SOMEONE so yeah.
Hey Sean, love the videos and the channel. I only have one request: would you please not advertise things like “Satanic AC Club” in a RUclips video? On top of making me really really uncomfortable, you REALLY don’t want anything to do with that, and neither do many of the people who will watch your excellent videos. I know this is an older video but if you see this comment, I hope you’ll take it into consideration. Thank you and keep up the great work!
I have always wondered if a fresh install of XP is just connected to the web, can it be attacked. That is no browsing, just on and connected. I dont think so, and if i am wrong would really like to learn how. Assuming no ports have been forwarded on my internet router.
You're safe until your machine gets discovered by cyber threat actors. Now, unless you start browsing or another machine on your network is infected, that's fairly unlikely. One could imagine man in the middle-style attacks proactively searching for vulnerable machines... but those are fairly unlikely too. Regardless, I'd say patch your machine against exploits like EternalBlue sooner than later.
I remember that there was an old lawsuit filed against people purportedly connected with fake anti-virus malware for Windows PCs, and the lawyer representing the victim as a plaintiff did a demonstration of it on a local news broadcast. From what it looks like in the clip, the lawyer used a PowerPC-based iMac, installed Virtual PC on there (back when it was designed to emulate x86 hardware on PowerPC Macs), did a clean install of Windows XP on the virtual machine, and downloaded the malware in question to show how the scam worked. That wasn't explicitly stated, but that's how I think he did it. It seemed like a pretty good way of isolating the malware from otherwise infecting the host system. Even if the malware attempted to escape, the fact it was running on Mac OS X on the PPC architecture would prevent it from being able to execute machine code.
theres never been a reported case of malware trying to escape a virtual machine to the host machine/attempting to exploit a vm escape vuln (not including docker)
@@Those_Weirdosyea but there are any for virtualbox
@@balllord3546there has, one time my computer attacked me with a baseball bat
Does anyone still make PPC-compatible viruses? Seems like it'd be the same issue as you'd have trying that with Windows 98, it's such a small userbase it's not a desirable target.
Maybe for pure academic purposes. There's no money to be made from them after all.
@@Kippeves good point, I could imagine someone doing it for the hell of it obviously. I'd assume most of those wouldn't be particularly malicious, but I could see that being a fun thing to make just because.
@@jdatlas4668 Yeah I feel like the modern malware for those systems would be akin to the malware of days of old: destructive just for the sake of being destructive. A lot of early malware wasn’t yet profit-motivated, it just fucked up your computer for the hell of it.
@@Kippeves PowerPC is still being made under the name PowerISA and they are used for Supercomputers/mainframes so ppc virus may still be made to attack a very specific target
@@Wileybot2004 Wow, I didn't know about that! Yeah, it sounds very feasible for spearheaded attacks to include PPC/PISA-attacks. Thank you for the information, you learn something new every day.
There used to be an old PowerPC virus I had found that worked by sending out emails, in bulk, using you as a middleman for there own attack. I had a Quadra Tower, before the G3 ever even hit shelves.
Was really fun days.
RIP uncle Brett.
"You can't get viruses on Windows 98!"
- MattKC, i guess
A user with common sense will always be the best protection on any OS or hardware.
Haha that Kitboga video was great! It was hilarious when they were logged into his PC, and they were like don't click on that, then he clicks on it and downloads another virus!
Glad to see some love for the entry level Digital Audio Power Mac! I had a similar question about taking Intel Macs online now that most are no longer getting OS updates, and browsers are leaving more of them behind.
It's really tough to exploit security vulnerabilities on PPC Macs. For one thing, to take over a machine, the exploit needs super-user privileges in order to run. Mac OS X blocks this by default. You'd have to manually run the system from the 'root' account and then totally disable all security measures for it to function. The last known PPC infection that did damage to me was the 'SevenDust/666 virus'. It only ran on Mac OS versions 7 through 9 and, when infected, would slowly flood a disk with one '666' file in each directory. The disk would get corrupted and wouldn't boot the OS, eventually causing you to format the disk.
In the next chapter, we will learn how to install the ATI Radeon HD 3850, the fastest AGP video card ever, in order to be able to decode pornographic streaming videos in HD, with complete security.
I can't wait for it! I will finally be able to set up my MasturbationStation!!!
You might have tried doing a port or traffic analysis on the computer to see if it was trying to phone home or do anything malicious after the browsing. It may not be heavier applications that it was infected with, but something like a simple spyware.
You could always take the drive out and test it on a more modern computer to see if anything really got on there.
Yes i would love to see the results!
Yes, please!
the issue isn't odd websites you vists but rather a larger bot net randomly pinging your machine and then infecting. having now gained access to your network it can infect your modern systems since it has more trust.
Nostalgia alert - I had the (I think) 450MHz version of this machine. I loved that thing, until it was assassinated by a power surge. I kept the side panels as decoration, and they now sit on top of my bookcases.
Similar thing happened to my old PowerMac. I eventually made a suit of armour from its side panels and a few others that people left on the curb, I also used an iMac G3 shell as a “helmet”. It ended up being a great halloween costume.
I think the biggest risk is not viruses but unpatched software/OS problems that could be exploited to bounce over to other computers on the local network.
This, exactly.
It is extremely unlikely that you are going to catch anything with unsupported vintage OSes on the virtue of them being literally incompatible with modern malware, but I would *never* call an old OS "secure".
As an average Joe messing around with old browsers on old OSes, you don't need to worry about security issues, but if you are - say - a company producing something for a major corporation, and wind gets out that you are using ancient unpatched systems connected to the same network as vital IT infrastructure and/or a server holding top secret data, then malicious hackers are likely going to try to use that old system as their entry point, whether it's to spread havoc or to steal confidential data.
I've used PPC Macs online for ages without any issues. I think they're so obsolete that no more PPC malware is floating around.
I bought the same powermac G4 466 digital audio i sold years ago (10 years ish). And it was my first (used) powermac ever.
I have the 733 version of this Mac and a MDD and a G5. I wouldn't attempt this too easily but I do admire your strategy.
Malware is not the concern with using these machines online without any kind of firewall or other protection. The issue is the outdated security certificates, the fact that every bug and vulnerability in those old OS' is well known and documented, protocols that are outdated, etc. Malware isn't a concern but having all your data stolen is so damn easy most automated scripts can get it done. No complex hacking or anything, a script can just walk right in.
If you're actually trying to get malware samples in the wild, keygens are always a good bet, as are activation bypassers and the like.
The reason no viruses to speak of work on it, is the ancient PowerPC architecture that it's running on.
I wouldn't try this on an old Intel machine, because the instruction set might be similar enough to current Intel CPU's that some really bad malware could infect it.
You're always doing such great content, I look forward to your releases. Definitely a highlight of my weeklyish youtube watching.
Fun exercise! I do my retro Macking in QEMU, and didn't know about the InterwebPPC browser. It looks great, so I'll check it out! For Mac OS 9 modern browsing there is something… Classilla. But it is now getting stale too. I thought the hardest part of your adventure would be to find actual malware, but wow it is easy to locate sketchy things!
I guess there's a fundamental issue to this approach: you're essentially looking for the low-hanging fruit, which these days is *always* some form of trojan, because they're the easiest to make - not just for low-hanging fruit victims, but also by low-hanging fruit attackers. Something like retrocompatibility is just too much of a hassle in such cases. However, for someone knowledgeable enough, it's still easy enough to at the very least find well-known CVEs for zero-click attacks, which AT THE VERY LEAST can be used for spreading an attack across a network to find other computers to take advantage of - that downqfil website definitely looks more like it, but is still quite unsophisticated.
So yes, please never EVER disregard security. AT ALL. Here's a quote I like on the topic: "In the real world, if you build a bookshelf and forget to tighten one of the screws all the way, it does not burn down your house"
No such thing as security. Anyone actually looking to do harm is going to get in regardless, the ONLY way to keep anything safe is to keep everything offline. Midling hackers get through government security daily, nothing the average person is going to have compares to that.
@@babayaga7434 Trust me, doing the bare minimum already mitigates most attacks, leaving only the ones that require spending dedicated time to you in particular as a victim. It's a matter of threat modeling.
I’ve been using Macs since the 90s. Once I got a virus from a CD installer for internet phone software. It was easy to remove. Another time a Zip disk got infected with a Windows virus. I guess I had some software like Norton that detected it. But it couldn’t infect my Mac anyway.
And that’s it! There’s really not much in the way of viruses for Macs even today.
I had the exact same G4 Digital Audio.
this is awesome loved from end to finish good work:)
Just a heads up you can use a modern version of clamav to download the most recent database and transfer the file to an older version. This reminds me of when I got some ransomware on my windows xp vm but the payload couldn't actually run because it didn't work on xp. I only found it after running a virus scan (using the aforementioned method of updating the clamav database)
"Security through obscurity."
The thing about getting malware on a G4/G5 is that I'd imagine virtually no modern malware is compiled for PowerPC, and even when Macs were PPC, there was very little malware in comparison to Windows, not because OSX was more hardened, but because Apple had like a 3-4% market share and nobody cared
Something I've noticed about .pkg and .mpkg installers, from dicking around a lot on my G5, is that a lot of the time, even if they contain Intel-only binaries, they'll still extract the contents to whatever destination folders they're supposed to go to. In other words, the package itself is cross-platform but the contents are not.
So, even if a site were able to modify your system preferences to sidestep entering a system password, and it were to successfully do a drive-by download of some self-executing pkg, all that would happen is, it'd install some x86 malware that would sit there and do nothing.
That Mac with the matching display and keyboard is gorgeous
Mattkc tried this on win98 and had a similar experience, I think a lot of viruses of the time are just gone.
They are still available to download, but only on legitimate sites for demonstration purposes.
I think i have 6000 old viruses
lolz I use a old PPC G4 as a Virus archive Machine ;) Been that way since the 90s and the collection is mighty ;)
How many gigs
@@BulletproofKuloodporny Thousands, I started in 94 and have been collecting since for almost every platform :) For archiving uses of course ;) Maybe a couple of times for people that have pissed me off ;)
@@mccrh7737 wow. So like 20 or 40 terabytes
@@BulletproofKuloodporny Would have to check, but it's all on a 500gb HD Think I recall it's a bit more than that though. Around 100 GB or so :)
Quick edit, it's 111.43 GB :)
@@mccrh7737 ok. And if it's available to download i would download it but my internet is soooo slow
I would love to have seen this tried on Mac OS 9. As if anyone code stuff for Classic Mac OS. There's Classilla, right?
I think people overdo the "don't connect that old computer to the internet" thing. I mean, if you don't log into any sensible account of yours and you only use the thing for retro gaming and the like, is there actually that much potential harm? I really doubt it.
You've demonstrated an interesting point: malware in general only targets what's most probable to be "out there"; that means the more massive *CURRENT* platforms, so they in fact phase out old malware to target current hardware; your macos is so old that is unsupported not only for productive legit software but also for viruses/malware.Obsolescense (when not planned) is a blessing and a curse at the same time.
I sure hate when malware infects hard drive's controller and then converts your Mac into PC.
same always the worst
you also have the pro-oh you talked about the processor's 32bit ppc architecture. good on ya!~
Maybe instead of infecting the computer the viruses woke up the spirit realm and invited ghosts into your house WOOOOOO!
Scan drive externally attached to modern mac/linux box with modern AV
Since most those wanted to run on Leopard, you should do this again running Leopard.
I mean the whole Mac lab got taken down by some virus when I was at SFSU in the 90s. And that was in the early PPC G3 era. And knowing how Universities take forever to get rid of old stuff (in some cases they can't dispose of old gear by selling it for legal reasons, and for other legal reasons they cant dispose of it without ensuring all data is wiped. So they just don't) I wouldn't be surprised is there is still some paper online with a nice chewy payload for PPC arch.
14:30 the system likely just crashed / kernel panic'd and then rebooted - I'd look in the logs when it occurs. It is interesting @ 11:42 how you can see System Preferences launching in the Dock right before it reboots. If that browser has some option to automatically launch a downloaded app, I'm curious if you turned that off whether it'd still reproduce.
I think it's trying to install a configuration profile
@@Piipperi800 Do OSX versions that old even have configuration profiles?
@@Piipperi800 Or a System Preferences extension, those have elevated priviledges.
Before watching this, i think the only malware possible would be things that run on a higher level language like a scripting language or something like Java. Mac's are already a low target though.
For people watching at home, security by obscurity only works against unskilled, untargeted attacks.
If you want to be secure from someone who knows you exist, it's not going to slow them down much.
That said, modern PPC malware can't be that common :P
True, but it's not exclusively SbO. I can't speak for the 7450, but the 7410 and older's lack of speculative execution, branch prediction, and the like does give less surface area for attack vectors. I'd feel 100% safe using, say, a dual 500 with OpenBSD online, even serving up pages fron it.
A question... Would erasing and reformatting a hard drive be enough to remove or disable malware?
Yeah. The only way it wouldn't work is if there was something that patched the firmware. Since you would be using a CD or DVD to do the format / re-install, the installation media wouldn't be infected. Back in the day, you could make a boot disk get infected, which would cause the reinstalled media to get infected.
As long as there's no contiguous access from infected writable media to the end point, you're likely fine. Using an external hard drive for recovery would likely add to the potential for infection after a reformat.
ClamAV is not a great anti-virus application. I've seen it running on infected XP machines and it found nothing.
Couldn't you use an external firewall to monitor the pc's net traffic?
Btw, never use that spinning hard drive again? Why not plug it into a PC (which can't read HFS+) and format it, then format it again on a Mac. Zero risk for virus transfer.
Whenever I find a USB thumb drive out in the wild, I always plug them in on my iMac G3 (booted into Mac OS 9), have a look at it, and reformat it. I gather that Mac OS 9 is a very unlikely attack vector.
Be careful as there are USB killer sticks out there that'll just dump a huge load of energy saved up in capacitors into the USB circuitry and at best blow a fuse, at worst kill the entire mainboard
I wonder if more malware will run in PPC Leopard?
You could take the drives out and scan them with a more modern Mac with a more up to date anti-virus.
One that’s offline and has no personal information.
didn't a few of the programs that gave an error message say something along the lines of *the computer was ONE MAJOR VERSION TOO OLD to run it?*
Yeah one of these days I’m gonna do this on one of my Leopard PPCs lol. I’ve been curious about this too.
good job, Sean!!!!!! nice video
Part 2 video with an old Mac running 10.5 so that some of those weird apps might actually launch? 😅
Sliver is an actual iPhone jailbreak tool or something like that
"Who surfs on a highway?"
Well, I don't know, who puts wallpaper on their desktop? :-}
It's the same age as my iBook. Same clock speed too. And the more I look at the case, the more I want one.
Being serious for a couple of seconds, I think the upgrade mania of the last decade may have done some good in that a lot of old malware that was knocking around the net for ages regardless of its usefulness may have been cleared away. Possibly. Maybe. I don't know. :)
Oh haha! The Wonderful Web World's _ruthless_ forcing people to get rid of old browsers because for https they used an encryption protocol which might, under some contrived circumstances, be used for MitM attacks, does seem to be doing some good here. :) What websites do is, if a certain old and poor security protocol is supported by the browser, refuse to let it connect at all. This is because the protocol will downgrade security on glitches. MitM attackers could hypothetically use that by forcing glitches in the data stream. But people who are shipping malware from their own websites will want the malware to be their own, not someone else's, so they'll make sure their web server has this security trick.
(MitM = "Man in the Middle")
Hahaha! I used to know a lot of artists who used Photoshop on a budget. I'm pretty sure there's a _negative infinity probability_ of the 2022 version running for... let's say a whole minute of image editing, on this machine. :D
Oh yeah, an adblocker is an important defense against malware these days. In 2015, I found ads hacking into the Intel GPU on my Linux box so that I had to reboot it to get tolerable graphics performance back. And then on the same laptop in 2017, I had the same problem with FreeBSD! It's because WebGL gives web pages direct access to the GPU, which is one of the stupidest imaginable technologies, right up there with 90s Outlook Express which would open files containing code without even asking first. If you think PDFs can be sketchy, Postscript documents could write files and run stuff!
I'm kind-of sad because I keep thinking of the Mac keyboard firmware hack which was demonstrated years ago. It used the keyboard controller's ability to update its own firmware to infect it, then silently refused any more updates so it couldn't be removed. I hope that keyboard is USB.
2:41 please be careful with the "Netflix mailing out DVDs" thing. This ironically won't be misleading to most people due to ignorance, but Netflix does still in fact mail out DVDs in 2022.
How about “this is years before Netflix started streaming” or “this is from the days when Netflix was ONLY a dvd-by-mail company” 😮
Yeah, wouldn’t want anyone to get hurt.
I think its pretty save with OS2 and Basic
Who else mistakenly read this as "Trying to Get Modern WARFARE on my Power Mac G4"? Just me then.
you could have disabled invisible to check for invisible files. I used to have to do that to clean libraries and system prefs. It was the only way to keep mackeeper and other autoloaders off your machine for good. Sooooo many clients with mackeeper. Antiviral software wasn't doing its job. I always found all kinds of exe's and other files that were just kind of floating around. It was dangerous though.
Yeah the bigger challenge is just getting online, since most sites use newer https protocols that the old browsers don't support. No doubt there's lot of exploitable issues on those computers, but as mentioned it's just not a worthwhile target anymore. I don't doubt there's a few ancient servers out there still serving up old malware, but finding them is the real trick.
I like how Tiger is that old that Viruses just take pity and move on XD
*Also, hey that's my Mac! (perfect bridge machine with an LS120 drive)
You could isolate the hard drive and scan it with modern antivirus software actually.
I occasionally browse the web on my Pentium 4 631 system, use it several times a week. It's running Windows XP Pro SP4, 32-bit. I've got 4gb of RAM installed, so it's pretty capable there, but the original 80GB HDD from '06 is still in. I've used Firefox 72, latest somewhat officially supported browser, with good results - I've loaded RUclips Studio, Instagram, even played back RUclips videos (several of yours) at 720P. But one day a few months ago I was searching for a way to crack Quake 3 Arena, I had bought the game on CD but my CD drive was stuck so its DRM wouldn't let me start the game without the disk. Went on a suspicious site, clicked download, several files downloaded and I got the "call this number that is allegedly Microsoft support and pay us to rid you of this virus" fullscreen popup that filled my 1366x768 Trinitron. But, whatever virus had downloaded couldn't run on the 32 bit Windows version. Crisis averted!
(I've been using aforementioned system on the Wi-Fi of my dorm for several months with no issue, I have installed the network security patches for the sake of everyone else in the dorm though.)
I never noticed anything weird like the crashes in the video, just browser crashes because of the single core processor with very little cache and the slower hard drive by today's standards.
Interesting to see how an even older Mac system handles it.
I've allways thought the chances of getting a virus on an old computer where low and that does appear to be the case. You got one virus(maybe) after hours of trying.
I am not sure if old Macs are this unsecure, but Windows XP with the default firewall settings can literally catch viruses from just being connected to the internet. You don't even have to open a web browser and download anything sketchy. Just being connected to the internet will infect it. Modern routers with their basic firewalls prevent this and later versions of XP had a somewhat functional firewall too.
I assume you're referring to attack vectors like EternalBlue? Are there others to be concerned about?
Do you know if Bolle is selling any more SE30 accelerator boards?
"is that really true?" Windows machines most definitely. Android and iOS, possibly. Mac OS or Linux? not as much but not out of the question, just less of a target in general.
I hear the best links are those MSDT links in Word docs.
This made me laugh out loud!
"Don't ever click on a link on a PDF". Tell that to the IT geniuses at the company I work for, which sent me instructions to download the new VPN Client... on a PDF. 😅
May I ask what did you use to capture video? The ONLY vintage Mac I’ve got is a G4 Tower with a pretty DVI video card. I’m curious…
You can use an app that records the screen it's pretty fast on my 1ghz iBook G4
RGB2HDMI to any capture hardware with passthrough would work though. I'm not saying that's what he uses, but it would do the job. If you look at Adrian's Digital Basement, he uses RGB2HDMI to capture VIC's/C64-era of hardware with OBS.
Ironically the PPC Mac is probably one of the more secure browsing machines now, because nothing uses PPC, so why make malware for it?
Sorry dude, wich versión should suggestme for upgrade an G4 PPC!
Currently runing a Tiger 10.4... Leopard or unsoported Snow Leopard.
THX in advance
Depends on how fast your machine is. If it's an early enough G4, probably a combo of Jaguar and Tiger, maybe have a 20GB Sorbet Leopard partition.
The only mac virus I got back on my G3 imac was a Microsoft word one that printed smiley faces non stop, well till I unplugged the printer.
Was before I relay had internet, some time around 2000 maybe?
Well the only one I know iv had touch wood.
BING... Because It's Not Google!
Those "Satanic Mac Club" shirts are nice! Where are they from?
Anyone else as surprised as I am that updates for applications were still being served to it? Lol 😆
Tiger and Leopard both still have active update servers.
Please use a more stable table next time. The jiggling G4 was jarring :)
Now I might want to fire up my power mac 🤣
why didnt u scan the latest breaking news?!
Thank goodness this wasn't a Windows XP machine! I can't imagine the insane quantity of viruses probably still out there for those computers.
Unless it ran Windows XP x64. Nobody supported that well, not even Microsoft. /sarcasm
Do this again with 10.5
"Free Minecraft Hack Download" - Excuse me?
1- I wonder what would happen if you used a modern OS like OpenBSD and browser ? Or maybe the modern but even more obscure would cancel each other out.
2- im surprised you didn’t try searching for some disgusting porn! 🤣
10:50... it asked if you want to search Mac and cheese..
omg 😂🤣 0:03 That should be the PopUp sound FXs when a Virus is Detetcted.
ActionRetro AntiVirus For Mac n PC .concept Epic
But Netflix *still* mails out DVDs.
Malware usually requires users doing something careless. Just connecting to the internet is unlikely (but not impossible) to infect your computer, especially since you’re likely behind a router firewall too. I still use Windows 7 as my main Windows PC and keep getting told the same mindless “Oh, you’re gonna get infected/attacked.” responses from ignoramuses.
I feel like Windows 7 isn't outdated enough for it to be safe to use yet
Windows 7 still has a huge market share in PoS and embedded systems so you're definitely not out of the clear yet. Yes, with common sense and an up to date AV you'll be much much less likely to actually get unwanted code to run on your system, however you're definitely not safe running an unpatched version of an OS that's known for its bugs and exploits. For production use its just not worth it IMO.
I wonder if an automated "search for updates" feature could be hijacked and redirected to another site to download what the app thinks is an update?
love mozzila firefox 100
I have that exact model of G4 and would like to see your efforts to max out its performance. Am interested in reasonably priced hardware upgrades.
Much like how there are no viruses on windows 98, there are no viruses for macOS
Whats up with your shirt?
well if the os has been out of support from browsers and apps then it's safe nobody is gonna make malware for let's say android 4.4 kitkat from 2013
One of my favorite things about your channel is that you're sponsored by pcbway, which is an actual relevant service to people who might enjoy your videos. I haven't personally used them, but it seems like there would be plausible nerd-overlap.
I could die happy if I never saw another "now here's a word from our sponsor - VPN service you DON'T need" ad.
you should know, if there's still applications being made for something on the internet, especially something that used to be common, it would still cause trouble.
if you ever plan to put a machine on the internet, always run virus scans using up to date signatures.
also there's still fairly prominent apps that have compatibility with ppc to M1 support, fre:ac still develops for ALL macs, so if there's still software being maintained and coded for it this long after, then it's not a stretch to say that these machines are still being used by SOMEONE so yeah.
Hey Sean, love the videos and the channel. I only have one request: would you please not advertise things like “Satanic AC Club” in a RUclips video? On top of making me really really uncomfortable, you REALLY don’t want anything to do with that, and neither do many of the people who will watch your excellent videos. I know this is an older video but if you see this comment, I hope you’ll take it into consideration. Thank you and keep up the great work!
FYI I’m talking about the shirt you’re wearing in this video. I just don’t think that’s a good idea to wear for a RUclips video.
7:55 clicks on android link
I have always wondered if a fresh install of XP is just connected to the web, can it be attacked. That is no browsing, just on and connected. I dont think so, and if i am wrong would really like to learn how. Assuming no ports have been forwarded on my internet router.
You're safe until your machine gets discovered by cyber threat actors. Now, unless you start browsing or another machine on your network is infected, that's fairly unlikely. One could imagine man in the middle-style attacks proactively searching for vulnerable machines... but those are fairly unlikely too. Regardless, I'd say patch your machine against exploits like EternalBlue sooner than later.
Unless you know and trust the person or organisation who /which made the pdf.
Try this with a Windows XP system.
I think it's more they are a lot easier to hack.