You should check out TenFourFox. Some heroic developers have ported the latest versions of Firefox to old versions of OSX, including, it looks like, 10.4.
This looks really awesome for people with PowerPC architectures.
As part of the porting, though, are there security guarantees?
I imagine if they're re-written low-level implementation details they'll be opening themselves up to risk (not to mention the chance for backdoors). I wonder what their process is for fixing new security holes as they are fixed in firefox.
It looks like they are tracking ESR releases, which get security fixes and not much else, so keeping it updated is probably not too difficult, in the scheme of things. I think they don't have a JIT yet, so that also helps. When they do get a JIT, I doubt it will be economically viable for the standard malware writer to target such a tiny segment of the market.
In any event, it is much more secure than running Firefox 3.5, which has published exploits.
TenFourFox dev here [:spectre on Bugzilla]. Yes, we run on 10.4. The best reason to still own a Power Mac today is Classic. It's why I do.
We track ESR and occasionally backport later fixes. It was easier to do it that way than to have widget or gfx break on rapid release -- that way we have the entire ESR cycle to get it right.
10.4Fx does have a JIT. Right now it's a highly modified version of BaselineCompiler (I hacked BaselineIC to have better type and shape guards that take advantage of the greater ILP possible with the PPC integer unit), but I've had trouble getting our JaegerMonkey implementation to come into the Ion age. What we'll probably end up doing is blowing it up and rewriting it based on MIPS, since MIPS does many of the same things we have to and is much more like us than ARM (they do lui/ori to load 32-bit quantities, we do lis/ori; they have a link register too; they have similar branch stanza requirements). We have an unusually large stack as well, mostly for the stack frame requirements of the ABI. I hope to have this ready by 38ESR.
Security is a concern for the browser. I hate relying on security by obscurity, but as you say, we're a tiny segment of a tiny segment (while 10.4Fx will run under Rosetta, and some crazy people do, it's not our core concern). We don't run Flash or Java anymore because of Rosetta Flash and Flashback, or any other plugins, for that matter. Since Firefox implements NSS, that means we're not beholden to deficiencies in the Apple-shipped SSL or NSURL. Heck, since Mozilla implements its own media libraries, we don't have to rely on the system ones either. It's going to be a lot safer than a Webkit shell which has all of those dependencies and more.
As part of the porting, though, are there security guarantees?
I imagine if they're re-written low-level implementation details they'll be opening themselves up to risk (not to mention the chance for backdoors). I wonder what their process is for fixing new security holes as they are fixed in firefox.