Hi Everybody! I'd originally intended to post this a bit over a week ago, but something (which I will likely discuss in detail at a later date) came up and I both hadn't given myself sufficient opportunity to review the concept of the article, nor was I in a place, physically, where it was convenient to work on it and post it.
This post is very long. It's long enough that you may want to consider loading it up on a tablet or e-reader. It's still a small mess, conceptually, but I had to either post it or delete it eventually. I intentionally left the name of the site out, but it's not hard to guess the site about which I'm talking.
I'm going to out myself as a leader on a somewhat popular forum focused on old Macs. (Because you didn't know?) This post is both about that, and about my personal Macintosh story. I joined the site in 2002 because I'd acquired an old Mac and was interested in what to do with it, how to use it, and so on. At the time, I didn't really think of myself as a retro-computing enthusiast, or of the machine as a vintage or retro computer. It was a computer, I wanted to do tasks on it, and the forum (which I today refer to as Ye Olde Computer Forum) was going to help me accomplish those goals. Sort of.
The forum itself was founded just a year or two earlier as a special interest group, when it started to be possible to get old 68k-based Macintoshes out of dumpsters and thrift stores for free or nearly free. Although there was a focus on the "rescue" element, it was at its heart a user group about the best way to configure the arguably then-current Mac OS 8.1 and Internet Explorer 4 for use on the Internet, with the twist that the focus was "old" hardware – stuff that was at the time, five to eight years old.
Getting Onto the Scene
Though my outlook on the machine itself didn't change – I used the old Macs I'd gotten, which were in their second lives as my primary computers – my mode of interaction with the forum pretty quickly devolved from "getting help" to goofing off, but on the Internet, which was still somewhat novel at a time in my life when the Internet was this thing I did for about an hour every second or third day. I think a big part of the challenge for me was that I had this computer I perceived as being very high end, professional, and "for" tasks such as programming, science, and content creation; but I didn't have any real concept of how those tasks were accomplished using computers, nor did I ever get any access to peripherals and other accessories to assist with that type of work until much later, when I was focused on finding that kind of thing, and as those sorts of accessories reached the end of their lives.
In fact, as a very young person, I didn't have a concept of a lot of things, and very close to 100% of the data and software I used at that time is gone, because I never understood the idea of using removable media to preserve the contents of a computer beyond its own lifespan, nor did I ever bother trying to find such things. I think most of the Iomega Zip 100 and SyQuest EZ-Flyer 135 stuff was still being used by its original owners at the time, anyway.
As time went on, I did get my first really modern Mac, a PowerBook G4, and over the years, it was my first of a lot of things. It was my first laptop, it was the first computer on which I could realistically capture video, the first computer I had with a significant and permanent means of preserving files on removable media (inexpensively, with the DVD burner) and it also became my first computer to become inadequate for the tasks I wanted to accomplish. At the tail end of high school, I'd started getting "into" digital still photography, and as such, one of the things to come my way was a digital SLR camera that produced RAW files. At around that same time, that machine went on to become my first computer to suffer a physical failure that was beyond my skills to repair. Out of warranty, but too new to really be worth "risking" I decided to trade it for whatever I could get to bring to the university.
Changes
I ended up at the university in much the same way I'd operated in middle school – with two old computers on their second life, running current software, doing current tasks, but slowly. I used one of them for "work" like Photoshop, organizing files in Bridge, capturing video and rendering 3d scenes, and the other for "play" like chatting, e-mail, the Internet, etc. After the failure of my PowerBook, I didn't want another laptop for a while, but I did end up with an Intel-based iMac.
At the time (keep in mind that the first round of Intel-based Macintoshes had just been announced,) a lot of people were suggesting I should buy a Power Macintosh G5. I'd used one or two of them and they were way faster than my PowerBook, but given that they were the outgoing platform, I was unconvinced that for somebody who (at the time) received or could generate funding to buy a new computer so very rarely, that buying a discontinued product was a good idea. I was right, because the iMac I ended up with would have run Mac OS X up through 10.7, and a G5 would only have run 10.5.
It was at about this time that Ye Olde Computer Forum experienced a fairly high amount of turn-over. Most of the youngest users on the forum either got jobs or used scholarship money to buy modern computers to meet their college needs, and most of the older forum members turned to PowerPC Macs, Windows, or other computers as their own needs changed. Those who stayed around turned their working 68k-based computers into "collections" and new young people who joined the forum saw the machines not as their primary computers, but as a play toy – something on which to reminisce about a past they never had and about good old days which were, in reality, fairly bad.
Internet Home
In 2008, I was essentially primed to leave. The 68kMLA had suffered not one but two massive, recent data losses, and a large majority of my favorite of the classic members had gone. These were the people who were true power users of the platform back in its heyday, had a surprising technical understanding of the platform, and were really well-written, and so on. At the same time, I'd been at the university for a year or two and hadn't really been using any of my 68k Macintoshes, so sticking around didn't really make that much sense from that original perspective of it being a specialized user group. I could get information about issues pertaining to my iMac on other web sites, and I was also no longer exclusively a Mac user, having picked up a ThinkPad R61 running Windows Vista in the year before.
I had a job, an overwhelming number of in-person friends, I created art, I was becoming better at both techno-craft and photo-craft on a regular basis, and yet. I flew too close to the sun, and the sun drew me in. After having leveled out as an Internet personality throughout high school, and become actually quite a reasonable young adult in college, I was chosen as a new moderator for the forum, and in 2010, I was chosen as one of the new administrators for the community. Now, not only had I essentially grown my Internet personality on the site, but it was mine to take care of. Some people find "their place" writing to a large audience on a blog, some find it in front of their webcam on YouTube, some find it quipping on twitter, or shooting 'em up in an on-line game, and I'd found mine, discussing vintage Macintoshes.
At about that same time, it became very obvious that the machines that had long been the focus of the site were in need of repair. Somewhere along the way, we'd "opened" the discussion to PowerPC-based Macintoshes, and it was clear that a reasonable amount of the total traffic on the site was people seeking help with such systems, especially after the failure of a similar site dedicated to PowerpC computers. So there was almost no discussion about using the 68k Macs as "current" systems, and a lot about how best to preserve them, with a healthy side about how to use various PowerPC systems as primary computers.
Decade-Old Computing
I've described the phenomenon that started here before as "decade-old computing." The idea here is that both on Ye Olde Computer Forum and in other venues, there's a contingent of people who will always be using a computer that's about a decade old. They might get it when it's eight years old and use it until it's twelve, but it centers on that ten-year mark.
While remaining both serious and politically correct, it's difficult to identify a single reason why people do this. I think part of it is that people see a computer purchase as an investment. A very small number of the decade-old scene are actually using computers they bought new about a decade ago, for example. Some of them are on such a tight budget that it's impossible to buy a computer they perceive as "nice" that's any newer than eight to ten years old without significant hardship or falling in with the first crowd, buying one computer every ten years or so.
Some people talk about being able to learn every part of a given system over the course of such a long time, but from observation, the vast majority of this crowd is doing it for budget reasons, and there might be among them a single one who has even started programming, and one other who considers themselves an accomplished system administrator.
Useful Forever
Among home computing markets, one of the common memes is the demoscene, wherein a talented programmer will create a multimedia presentation programmed (usually) in assembly language. This is common on Commodore, and Atari (and to some extent, Apple II) groups, where such a machine's graphical or audio abilities might have been unusual for its time and where seeing one play full motion video while putting out high quality sound is very impressive.
On the other hand, almost nobody on, say, the Apple II scene talks about how useful they are for writing the Great American Novel, balancing a budget, or sending e-mail, even though some of that particular type of productivity was a heavy focus when the machines were new.
A huge focus on Ye Olde Computer Forum is how great such machines are as a distraction-free writing environment, to send e-mail, view a twitter feed, lay out a magazine or newspaper, and act as the center of a home automation system, among other things.
Some of it makes sense, the Macintosh as a platform straddled the home and professional markets, whereas while the Commodore 64 was a home computer, Commodore sold other machines for business purposes. Even IBM was targeting the IBM PC for home and small business environments and its UNIX and minicomputer systems for larger businesses.
Blurred Lines
One of the unique aspects of the Macintosh as a platform is that it never really "died" in the way that, say, the Atari, Amiga, and RISC OS did. Apple stayed around and between 1994 and 2005, built PowerPC-based computers. From 2006 onward, they built Intel-based computers. In the early 2000s, they also migrated from the classic Mac OS to Mac OS X. Because there are so many possible demarcation points, different people place that marker at different points. Some say that the line should be drawn in 1997 when Steve Jobs rejoined Apple. Some draw the line in 2006 when the first Intel-based Macintoshes shipped. Some would draw a line in 1994 when PowerPC was introduced, and some would draw it in 1998 when the iMac was introduced, bringing with it a massive visual update to Apple's product lineup and the NewWorld firmware.
Apple's support policy has almost never been consistent. Many people cite the Mac Plus as a great example of a long-lived computer because after having been introduced in 1986, it ran a current version of the system software all the way until 7.6.0 was introduced in January, 1997. However, that was a single machine which was very close to completely un-upgradeable, it had a low RAM ceiling for 1986, and even when "maxed out" its performance running System 7.5.5 is so bad that it's almost guaranteed nobody was doing it. System 7.5.5 uses so much of a Plus's available resources it makes no sense to run it especially given that the machine has little to no networking capabilities. But nobody talks about that, because it would be inconvenient to admit that while it worked, it was a bad idea.
On the other end of things, the Power Macintosh 5200 and 6200 were introduced with system 7.5.1 installed on them, and it's commonly held on the community that none of them ran anything newer than 8.1, because of the performance problems with those systems. I don't agree with that assessment, but that's a good example of inconsistency on the scene. Although they may be about as happy doing it as a Plus is running 7.5.5, the 5200 and 6200 will run Mac OS 9.1.
Challenges on the Scene
With that in mind, I think there are two main challenges, at least to my particular web site.
The first is that despite having "68k" in the name, a lot of people have been calling for a more expanded inclusion of PowerPC and now (that they're eight years old) Intel-based Macintoshes on the forum. A few years ago, we transitioned PowerPCs away from "contraband" status, but never fully integrated them with all of the other discussion on the site. Because few PowerPC machines really need repair at this point, the present vast majority of the PowerPC discussion is people seeking support for the use of old versions of Mac OS X in their daily lives.
The second problem on the scene dovetails nicely with that problem, which is that even some of our newest members have started to internalize the notion that the forum is a place for decade-old computing. That creates two more challenges. The first is that we need to continuously re-evaluate the forum software and our attitudes to ensure that it's friendly to the population that's using the decade-old computer of the moment. The second of these sub-challenges is that as appropriate, the whole scene needs to prepare them to support anybody who comes by with the decade-old computer of the moment.
Another problem, and I think this is related mostly to the fact that most of the population on Ye Olde Computer Forum are end users (often of home systems); not system administrators, programmers, or even really power users of a certain application. As a result, most people don't seem to understand (or care) about how powerful Mac OS X is, or seem to "get" the differences between the 1990s and today as it pertains to computers.
The Environment and Network Security
In 2002 when I joined Ye Olde Computer Forum, Internet Explorer 4.01 was for all intents and purposes, still "current" and computers were only connected to the Internet for a few hours at a time, often changing IP addresses several times during the session. In addition, few (if any) home computers had a full complement of network services or were multi-user systems, where a remote user could connect to a system and use its resources without disconnecting or notifying the user sitting in front of the system. NAT wasn't in common use on networks yet, and network border security was still a brand new concept, coming hot off the era where in a networked UNIX environment, each user's machine was likely to be a full mail server, on purpose. It was the wild west of the bad old days, where nothing was firewalled or encrypted and passwords never expired.
Today, not only does almost every user on Ye Olde Computer Forum have always-on network connections, those connections are veritable firehoses and water mains compared to the garden hoses of yore. Computers, even decade-old computers are now so powerful, that the laptop on an average user's lap will happily handle a dozen or so shell users without there being any effect on performance, or likewise, send a few hundred thousand e-mails from a mail server, either built into the system, or deployed via malware, without causing the system to stall or affecting its performance at everyday tasks.
In addition to all of this, black hats and script kiddies have very powerful automated tools to infect web sites to further drop malware onto desktop computers and use tools such as DNS and NTP servers on remote computers to perform denial of service attacks. Whereas in the 1990s and early 2000s, the point of black hat hacking was simply to destroy things or have access to resources for personal use (i.e. more BBS time,) the point today tends to be to acquire credit card numbers or an IP address, account, or machine to do things like bitcoin mining or sending spam messages for the highest bidder. Malware like pushdo/cutwail have commercialized the process of sending spam using infected computers as a mail server.
Pushdo/cutwail don't really exist on the Mac, but that doesn't stop Macs from being remotely compromisable, and for anybody who does compromise one, there's standard UNIX everything built in, even on all of the old versions. In addition the firewall is not enabled by default in Mac OS X and IPv6 has been on and enabled by default for a long time. With the prevalence of IPv6-ready ISPs and provided residential gateways, the old safety net of your WRT54GL or simply disconnecting and reconnecting to the Internet is no longer sufficient to stay safe, as a Mac will get a direct, un-firewalled, public IP address.
Before I continue, it's worth noting that I'm about to describe a vocal minority. I consider this minority problematic because of how vocal they are, and because some of them have a very real ability to put a considerable load not only on localized, last mile infrastructure, but on important Internet backbones. One particular user of the forum has a link to his personal web site in his profile. His "personal site" is actually his company, and his company provides network hosting services. I casually mentioned this to an acquaintance who promptly remotely scanned his network, and at least one of his machines is vulnerable to remote exploits. Included in this list is a machine with its own public IPv4 address, sitting directly on a gigabit network port on the public Internet, in very close physical proximity to a popular network colocation and peering point in the United States, vulnerable to being used as part of an NTP reflection attack. (What's worse I that the particular machine is running an operating system that is still receiving security updates, they have simply declined to patch it.)
Good Network Neighbor
Part of what inspires people to run un-patched operating systems is that they simply don't know about the dangers. The other part is that people have this notion that because the machine is their personal property, they have complete dominion over it, even to the detriment of other people. I can see why they believe this. In the 1980s and 1990s, there was simply nothing your computer could do to the detriment of other users or computers. (Aside from transmit viruses on removable media.) Today, a decade-old computer is capable of saturating a gigabit network link and most (if not all) networking equipment is designed to be able to handle it, and more and more residential network connections are catching up to performance and symmetric demands that consumers have been placing on their ISPs.
As a systems administrator, our friend I mentioned above isn't necessarily responsible for penetration testing against his own systems, but he is responsible for following best practices in the industry and taking every reasonable precaution to protect data and make it available to the correct parties. Let's remember for a moment that this guy runs a commercial company and has paying customers who, regardless of whether or not they know the difference between Mac OS X 10.5 and the latest version of FreeBSD, are relying on him (and his team if there is one) to protect them from data loss, system intrusion, and ensure that the data is as available as reasonably possible.
Not only is our systems administrator friend responsible for his customers' data, but he is sitting on several gigabit ports in a building directly adjacent to several Internet backbones. Should one (or realistically, all) of his systems get compromised, not only is he causing problems for his paying customers, but he's causing problems for the Internet at large. And, this is the worst of all possible worlds, given how congested most of those links already are by legitimate traffic such as Internet streaming. All of his customers would be right to leave him after finding out how out of date his systems are, on purpose, and how vulnerable that makes them.
The same kinds of things apply in a home environment. While I don't personally have paying customers relying on the availability of my laptop, it has the ability to fully saturate a gigabit link without my noticing (this is how it does backups) and it's one of my oldest active computers. I own three or four laptops about this fast, and they're all faster than our system administrator friend's systems. Most people have a number of systems like this, and to make the situation that much worse, while it's not on a backbone, more and more people in the United States and the world at large are getting access to very fast Internet connections, and dedicated IP addresses for each system with IPv6.
In the US, Verizon FiOS has customers at up to 500/500 megabits; Google Fiber, AT&T U-Verse, and CenturyLink all have gigabit customers; and there are smaller providers all over the place with customers on fast connections. With connections like that (heck, even with a connection at a speed like 24 by 3 megabits) it's important to keep systems updated and secured, because even at three megabits, malware like pushdo/cutwail or an attacker directly connecting to a UNIX/Linux or Mac OS X computer can send a whole lot of spam messages.
The problem really is the people who feel like it's not their problem if their computer gets infected. In an ideal world, Internet Service Providers would ban and completely block (at the modem or residential gateway) accounts found to be causing problems for other customers. Many ISPs attempt to curtail the problem by blocking residential accounts from receiving mail on port 25 and adding network management clauses to their terms of service, but few monitor for traffic that looks like malware, or check into why something is using a high amount of transfer. In addition, port 25 blocking typically prevents open relays, but doesn't do anything to prevent malware or an attacker from sending mail on a residential connection.
Poor Attitude
To bring things back to the whole "Mac forum" issue, the big challenge here is providing advice on how to use old, insecure systems without simply eliminating Mac OS X from the picture, or removing such systems from all routable networks. This type of advice is typically unpopular, however, because most people with computers like this prefer to use them as though they were new computers. (Ignoring the fact that in 2005 when Power Macintosh G5s were still shipping new, they weren't really being used as Facebook terminals.)
The other problem is that most people (correctly) see an inherent problem with the idea of installing something other than Mac OS on Apple's hardware. On the Intel systems, drivers for non-Mac operating systems aren't always that great, and on PowerPC systems, support tends to rely on somebody from the team of whatever operating system you're trying to use personally owning and liking that system. Even then, specific configurations tend not to be supported, and open source software often prioritizes different things than Mac software vendors did.
The other problem with security advice about Mac OS X computers is that most of it comes from people who are used to compiling and deploying their own software and manually editing configuration files. To put it bluntly, this isn't the kind of person Mac OS X Server was originally for, nor is it the kind of person I worry about most when it comes to Mac OS X security. The problem is that the people who want to run Mac OS X server almost universally are the "uninformed user" type who still believes that Mac OS X is infallible purely because it's a Mac, and despite being on a Mac forum, aren't aware of the Mac's sordid history with computer viruses.
This kind of attitude dovetails nicely with the fact that many desktop computer users simply aren't well-informed enough successfully run a server that's safe online. Posting "Cory, systems administration is different from running a desktop computer" isn't a valid response when you're on a web site where every single day, people talk about running a server as though it's the same as running a desktop computer.
It's worth noting that Mac OS 9 and earlier versions of the Mac OS don't have this kind of problem, because they were not designed with near the level of network integration that Mac OS X, Windows XP, and other UNIX operating systems were. Mac OS 9 doesn't have a DNS server or a mail transfer agent built in, and although its file sharing mechanism is insecure, it's not known to be able to do anything other than, well, access files. That and you can truly and fully strip the file sharing components out of the operating system should you feel it necessary. This is a little bit more complicated on a Mac OS X computer.
So, one of my biggest problems is definitely that I have a single user who claims to be an accomplished UNIX administrator conflating the issues of keeping his *BSD boxes secure with keeping Macintosh desktops secure, giving faulty advice about how to stay safe online with an outdated UNIX system that has known security vulnerabilities and as-of-yet unknown ones, and completely missing it when I write things about how these desktop Macintosh users want to run servers with the same methodology, which he himself admits is faulty.
At the End
I'd love to say that I run a web site where everybody agrees, or at least follows good network security practices even if they don't, but alas. I like to think these kinds of problems aren't an issue on other web sites, but I simply can't claim to actually know that. The best I can do, I would say, is to hope.
The site is always under proverbial construction. The other administrators and I are currently hunting for moderators, working on a re-write of the rules, and defining acceptable netiquette. We've got a new theme on the docket, and even without all of that, we made a great change in software this year that has actually made the site a lot more stable.
It's cathartic to write about the things that annoy me most on the site. By and large, they're cosmetic things, and attitudes of individual people, and fortunately they do make up the minority. As in all things, it's a minority of the users causing a majority of the problems. I'm always reviewing how I interact with the forum as well as the forum's rules and policies in order to best serve the community, and hope that it's noticed.