Neither does Osborne Computer Corporation. :-) But that's a hobby, and doesn't have connectivity issues anyway. But I don't run the browser on my Sun workstation, either (an ancient version of Firefox, I think; I may still have Mosaic on there, but that's so old it's just plain useless).
FWIW, I find a refurbished late 2014 Mac Mini (oldest low-end Mac that can run Monterey) at OWC for as little as $189 (doubtless a low end config, but likely competitive with something even older). That's not even the lowest possible price, just the low end of what I saw in 10 seconds looking at search results, from a reputable seller. More looking could beat that. Heck, someone here may have something non-ancient (at least able to run Catalina, which still gets security updates) they'd be willing to part with for the cost of shipping. Alas, not me; I'm the graveyard of old computers, as that Osborne (and an even older Exidy Sorcerer) might suggest. Is there a modern GUI browser in MacPorts, that uses only libs supplied by MacPorts (aside from libSystem)? If so, using that might be kinda sorta safer than using Safari on a system with no current security updates. > On Oct 29, 2021, at 12:45, Richard Bonomo TDS personal <[email protected]> wrote: > > > Well, some of us are reasonably competent in managing risk, but cannot afford > to be buying new computers. > So the Apples I have, or are on loan to me, have to be kept going. > > On a more pathologic level, I am also in possession (extended load) of a µVAX > workstation that I should try > to get working again. There is no such thing as a support contract for that, > and DEC does not exist any more. > > Rich > > ----- Original Message ----- > From: "Richard L. Hamilton" <[email protected]> > To: "macports-users Users" <[email protected]> > Sent: Friday, October 29, 2021 11:25:56 AM > Subject: Re: provide latest OS root certificates via port? > > > >> On Oct 29, 2021, at 12:02, Michael <[email protected]> wrote: >> >> As a user who spent a week trying to figure out what was going on with more >> and more sites not working, making less of the information out there >> available to figure out how to solve the expired cert, it was really painful >> to find out that this was "known in advance", and worse, this implies that >> ANY "modern", "secure" OS is an inherent time-death, for no good reason. >> >> Having an easy way to update certs would be wonderful. >> Finding out the hard way that not only did I need to put the DST root in, >> but that in the next year there's a couple more that will expire, when this >> was something that could have, and should have, been made very public in >> advance, was painful. >> >> Discovering the *harder* way that adding a root key to your personal account >> is not the same as adding it system wide, meaning that the first information >> I got wasn't even accurate, only made things worse -- I could browse the web >> just fine, but stuff running as root from launchd was using a different set >> of certs that did not include this. >> >> Some sort of "Warning! This system is considered extremely vulnerable" is >> fine. But we see ATM's running windows XP, voting machines running Vista, >> etc. Old systems being used past their expiration date is normal. > > The ancient (and inadequately audited and reviewed, even if not ancient) > software on ATMs and voting machines should be a scandal. Although they are > (supposedly) more physically controlled than user desktops/laptops are, and > are at least INTENDED to be limited to specific kiosk-like functions and > nothing else, so they're FAR less exposed (software-wise) than a browser > accessing potentially anything, including once-legit sites that had been > hacked to become nasty. The risks are (IMO) NOT THE SAME. > >> Or do you think that 50 year old FORTRAN programs on 370 systems should be >> retired and the entire financial system forced to rewrite code used all >> around the world? > > A heck of a lot had to be fixed for Y2K, and some things that couldn't be > fixed were either replaced or tossed (including a few that were tossed simply > because nobody would take responsibility to affirm that they didn't use > dates, even though it was obvious). Been there, done that. It was only a big > yawn-fest due to a LOT of hard work. Same thing will happen again in 2038 for > any 32-bit Unix/Linux code, btw. That won't be modern desktops (just about > all of which are already 64-bit, some now 64-bit only), but a heck of a lot > of embedded devices may still be running that old code then. Fortunately I'm > retired, so assuming I'm still around, I won't have to deal with THAT mess. > >>> Sometimes, one has to work with what one has. >> >> Exactly. > > Ok, sometimes. In a retro computing museum. Or in a nonprofit with no budget. > But for anything serious, one REALLY should be aware of the risks, even if > that means going back to pen, paper, and snail mail rather than taking the > risks. Or else realizing that EVERYTHING they do where the information or > transaction has any value at all, is at greater risk of being corrupted or > exploited by hostiles if they're doing it on that old system, at least if > that system has Internet access. > > But basically EVERY computer, even if the physical box could last longer, has > support issues past 5 years old, CERTAINLY if one doesn't have a paid support > contract. I have a box that's industrial enough that it's 20+ years old and > has only had a drive or two (mirrored, so never any data loss) replaced, but > I can't (ok, won't) afford a support contract for it (there probably is still > support for an older OS version that could still run on it, those things were > built like tanks!), so I know I'm taking my chances. In other words, no > system seller is going to be on the hook to support an old system forever as > part of the purchase price; if they'll provide extended support at all, you'd > better expect to pay extra for that, every year. EVERYTHING costs, 'cause > everybody has to make a living, including the rich people and the little > people at the rich people's companies. Magic no problems forever does NOT > exist. > -- eMail: mailto:[email protected]
