Such soulless corpo design is not befitting of a project this nice.
People talk about 'polish' in design as a signifier of quality but my mind always goes to conching, the process by which cacao nibs are ground down over days to produce silky chocolate. You need to conch the nibs to grind them past the point that the chocolate has a gritty texture in order to get the nice smooth chocolate we all love, but what the process also does is grind down the sharper notes of the flavour. The further you go the more the deeper and richer notes are lost. So too a design language and brand can be conched to smooth it out for broader consumption, but you can go too far and lose the flavour.
But I see now that they actually updated the site.
> This page is not fancy because we are focusing on building the browser. :^)
I approve this message
Welcome to Ladybird - https://news.ycombinator.com/item?id=40845951 - July 2024 (94 comments)
The Ladybird Browser Initiative - https://news.ycombinator.com/item?id=40845954 - July 2024 (13 comments)
Ladybird browser update (June 2024) [video] - https://news.ycombinator.com/item?id=40838973 - June 2024 (1 comment)
Ladybird browser spreads its wings - https://news.ycombinator.com/item?id=40746804 - June 2024 (304 comments)
Ladybird browser update (March 2024) [video] - https://news.ycombinator.com/item?id=39889576 - April 2024 (2 comments)
Understanding Complexity Like an Engineer – The Case of the Ladybird Browser - https://news.ycombinator.com/item?id=39342887 - Feb 2024 (55 comments)
The Ladybird browser project - https://news.ycombinator.com/item?id=39271449 - Feb 2024 (284 comments)
Ladybird browser update (July 2023) [video] - https://news.ycombinator.com/item?id=36939402 - July 2023 (1 comment)
Chat with Andreas Kling about Ladybird and developing a browser engine - https://news.ycombinator.com/item?id=36620450 - July 2023 (65 comments)
Shopify Sponsored Ladybird Browser - https://news.ycombinator.com/item?id=36502583 - June 2023 (1 comment)
I have received a $100k sponsorship for Ladybird browser - https://news.ycombinator.com/item?id=36377805 - June 2023 (166 comments)
Early stages of Google Docs support in the Ladybird browser - https://news.ycombinator.com/item?id=33511831 - Nov 2022 (84 comments)
Github.com on Ladybird, new browser with JavaScript/CSS/SVG engines from scratch - https://news.ycombinator.com/item?id=33273785 - Oct 2022 (1 comment)
Ladybird: A new cross-platform browser project - https://news.ycombinator.com/item?id=32809126 - Sept 2022 (473 comments)
Ladybird: A truly new Web Browser comes to Linux - https://news.ycombinator.com/item?id=32014061 - July 2022 (8 comments)
Ladybird Web Browser - https://news.ycombinator.com/item?id=31987506 - July 2022 (2 comments)
Ladybird Web Browser – SerenityOS LibWeb Engine on Linux - https://news.ycombinator.com/item?id=31976579 - July 2022 (2 comments)
>Ladybird started as a component of the SerenityOS hobby project, which only allows C++. The choice of language was not so much a technical decision, but more one of personal convenience. Andreas was most comfortable with C++ when creating SerenityOS, and now we have almost half a million lines of modern C++ to maintain.
>However, now that Ladybird has forked and become its own independent project, all constraints previously imposed by SerenityOS are no longer in effect. We are actively evaluating a number of alternatives and will be adding a mature successor language to the project in the near future. This process is already quite far along, and prototypes exist in multiple languages.
>> "The idea that new code is better than old is patently absurd. Old code has been used. It has been tested. Lots of bugs have been found, and they’ve been fixed. There’s nothing wrong with it. It doesn’t acquire bugs just by sitting around on your hard drive."
>> "Each of these bugs took weeks of real-world usage before they were found. The programmer might have spent a couple of days reproducing the bug in the lab and fixing it. If it’s like a lot of bugs, the fix might be one line of code, or it might even be a couple of characters, but a lot of work and time went into those two characters."
>> "When you throw away code and start from scratch, you are throwing away all that knowledge. All those collected bug fixes. Years of programming work."
It's an older piece, but like good old code, it still holds up. Newer tools and technology have improved the creating of new code, but they've also made improving old code easier in equal measure.
I'm referring to the uh, retrospectively unfortunate decision I made in 2007 to start building large scale business app frontends in AS3.
I guess I should be thankful for the work, having to rewrite everything in TS from scratch a decade later. (At least the backends didn't have to be torn down).
I remember Flash as a complete, straight-to-business platform that allowed me to just focus on getting stuff done.
It was a sound decision back then.
We know from past experience that it takes an extreme amount of time and effort to harden a browser written in C++ against malicious web content. The Ladybird codebase is not particularly "old" in any sense of the word. Judging by Github's stats most of the code is less than 4 years old and it is still a long ways from being ready for general use. I think it's safe to say Ladybird still has a vast amount of work to be done fixing vulnerabilities that arise from lack of memory safety.
I find it quite plausible that the cost of re-writing the existing code in Rust is less than the cost of fixing all of the current and future bugs in the C++ codebase that Rust would catch at compile time.
People get in trouble when they decide to rewrite the whole thing. You might be right in this case, but I'm sure every person who began a doomed rewrite project felt the the benefits outweighed the risks.
Viewed in the rear view mirror of history, the Netscape rewrite was a good thing in a technical sense. As far as I understand it gave us the foundation for Firefox and the Gecko engine. It was just bad business in context because it let other browsers run laps around it while the rewrite proceeded. It let IE get a foothold that didn't shake for many years until Netscape became Firefox.
Rewriting the new browser in Rust would probably be similar from a technical POV. But from a business standpoint, we seem to be at an inflection point where a new browser might be able to enter in the cracks of discontent over sketchy AI features in Edge and the slow-boiling attempts to break ad blocking in Chrome. If they divert resources now to a rewrite, they could miss this opportunity to do to Chrome what Firefox did to IE.
It sounds like the plan is a Ship of Theseus rewrite anyway, so they'll get there in time without the risk of distraction.
Performance is a skill, probably one of the most important skills.
Rust is a darn language, not a skill. You can have performant code in rust and in c++ and damnit even in brainfuck if you care enough.
But the reality is that there is more performance oriented code written in C++ than in rust, and that matters.
These things are still true.
.. and repeat. ( https://news.ycombinator.com/item?id=40867280 )
Neither Javascript shall be needed to see anything on the Web - if not being essential for tracking and ads - but it's you who have to pay for it with that threadrippers (and no access to source data) ? Yes, it happend people are rich enough to belive that.
Making things simple and possible is the most important skill.
C++ also happens to be the only language in which that has been accomplished, so far. (The Rust components are relatively smaller, about 11% according to sibling comments.)
See also: AAA video games
And yet Chrome does it just fine, and Ladybird can render some websites properly that Servo cannot, curious.
Servo's rendering issues are a different class of bugs unrelated to performance: they are still working on the layout parts.
The web standards have lots of references between everything. This type of object oriented programming means having lots and lots of cycles in your object graph. This makes Rust very veeeery unhappy. The Servo people are trying, and they have been trying for a looong time...
There was a nice article about the GUI part: https://www.warp.dev/blog/why-is-building-a-ui-in-rust-so-ha...
These points are even more painful with web standards.
Here's a short video from Chris Wanstrath announcing our non-profit yesterday, and kicking things off with a $1M donation: https://www.youtube.com/watch?v=k9edTqPMX_k
Happy to answer questions :)
Thanks again for your hard work!
This is definitely more than a hobby at this point. I already manage 3 employees, with 3 more joining in the next month!
No kidding... how about get it roughly working on hacker news, and make it the hackers way to start each day, and pull in as much help and community as possible from here?
Are you planning on charging your users?
Though I don't fully understand why pulling funding for new browser technology was part of their strategy going forward. Servo was one of the projects that made me excited about using Firefox. I bet that big announcements about moving Firefox to Rust would have consistently bumped usage numbers. As much as people voice their opinions about the RiiR movement in the comments here, it's clear people love those kinds of projects just for the technical novelty. I know I do.
Between the lack of a business plan and your responses about licensing, I'm afraid I feel you're coming at this from a naive point of view. This is a seriously important line of software you're entering, please do take some time to take it seriously.
Will watch your progress and again, I genuinely love to see your project. Good luck.
Mozilla went that route and many are not happy with that.
So I am really happy for Kling and the project, that they managed what many others only dreamed about. Focusing on developement - delivering - building trust - getting funds.
Why do you want to change the plan, when it is working?
1. We keep the team small enough that there's always at least 1.5 years of runway in the bank.
2. We continue fundraising actively.
I don't know if people will donate for their browser like they donate for Wikipedia, but if it's able to bring joy to people, it could be pretty sustainable. Even Mozilla takes in $10M/year in contributions.
If they didn't give their CEO $7M per year, spent money acquiring businesses like Pocket, gave up their braindead attempts at monetizing user data while simultaneously running bizarre tone-deaf "free internet" studies, and just focused on the browser and improving the development experience (is there a worse open source project than Moz??), they might fare better.
Plus, while Firefox is their main product, it's been decades since Mozilla has been solely a browser company. It's like saying Microsoft should stop making Office because it detracts from their OS business. Companies can make more than one product. Some of those products are going to have shorter lifespans or smaller userbases than others and that's OK.
But I'm actually ok with a lot of the non-firefox projects that they have like the VPN.
What I do have an issue with is the foundation, throwing money away at various projects that have very little to do with making firefox better. From "trusworthy AI" research grants to giving 387k to the Mckensie Mack group or 375k to the New Venture Fund (I get Mozilla are lefties but what does this have to do with Firefox?) plus some other organizations that I can't even tell if they aren't just money laundering fronts as they don't appear to actually do anything.
That and the C-Suite being complete parasites. The CEO of Mozilla corp makes almost as much in a year as the Mozilla foundation makes from donations.
Remove the parasites and the senseless spending of the foundation and you could develop Firefox with the ~20% of revenue that doesn't come from Google.
Well, okay
We don't need another programming language.
(I hope it was a joke)
Indeed, I doubt very much that Ladybird will get there.
We'll see what happens as the lawsuit unfolds, but I'd be pretty surprised if there is proof that the discrimination was health-based and not due to the fact that he was the CPO who worked with Baker during whatever it was that made them decide to fire her.
[0] From the complaint:
> The board decision to removle Ms Baker was so abrupt that they did not conduct a search for a successor, resulting in the naming of one of their own board members, Ms Chambers, as interim CEO.
For example: the reddit AMA on firefox unofficial subreddit[1],the mozilla connect post on things they are working on[2]etc.
[1]:https://new.reddit.com/r/firefox/comments/1de7bu1/were_the_f... [2]:https://connect.mozilla.org/t5/discussions/here-s-what-we-re...
That's never gonna happen without substantial funding because a modern, remotely feature parity web browser is a gargantuan project even if every developer is a genius. Chromium and Firefox sit at 30 million/20 million lines of code respectively, modern web browsers are basically operating systems.
Mozilla doesn't rely on Google revenue because they love Google so much, they do so because they have hundreds of engineers to pay. A million dollars sounds like a lot but that pays for a handful of engineers for a year. That's not going to get you to 5% of Chromium or Firefox.
Over time, I expect them to diverge enough that this becomes impractical, as Ladybird now allows 3rd party code while SerenityOS does not. It’s up to the SerenityOS community how to handle this.
The JavaScript engine is our own LibJS, currently sitting at 94.3% pass rate on https://test262.fyi/ (although the number might be a little outdated, it's supposed to be higher! Need to investigate this..)
Once we get the desktop version into decent shape, we will direct more attention to mobile platforms. At the moment there's just too much important low-hanging fruit that's easier to develop (and debug!) on desktop :)
Also, any thoughts on having official communication channels on some open, freedom-respecting platforms, rather than Discord only?
Github I can understand to some extent, it's a convenient temporary staying place until they can afford, community-wise, to move to something truly open, but Discord? In this day and age?
What’s your recommended alternative?
So, IRC, Matrix (these can even be interconnected) for synchronous, mailing lists or forums for asynchronous.
And of course issue tracker, where some topical communication can happen as well, but that could completely be covered by mailing lists.
There's no reason to ever have anything non-open in your FOSS project's infrastructure.
Except, that it is easier to set up? What you describe sounds reasonable. But someone needs to set all that up and host it and needs to be trusted etc.
So I guess if many people get involved and do set this up, they would convince the rest of the team to join them. But right now it is just a demand for more work for them.
Because that is a project in itself and as much as I despise discord, I understand why they just went with it.
And as for me being there for years to come, who can say that for sure? I would absolutely try to. For that matter, will Discord still be here next year?
Probably way more likely, than a random volunteer. Kling said they used discord because it was easy. No energy spend there. Migrating the communication structure is work and energy. Friction.
But so far I also did not followed developement closely, because I did not set up discord yet and do not really want to. But I realize I am not in the majority here and I do not think I am in a position to demand anything here. Your words sound a bit like demanding something.
As for random volunteers disappearing, the protection against that is easy - increase the bus factor, by multiple people having necessary access, and by keeping your infrastructure documented. This should be table stakes for any project that becomes even marginally popular.
Then, if a random volunteer disappears, things might slow down due to lack of manpower, sure, but not come to a screeching halt.
You can't increase bus factor with Discord, since it's out of your control.
That is not easy. It works till the first drama and then some angry person deletes it all, or changes and takes the keys with them. So you have to really take care who to trust.
"If the project leadership does not see a value in using open infrastructure"
And I do not think he ever said that. He just said it was easier this way for the moment. Not that discord is meant to be the solution till eternity.
Simply put, this approach is proven to work. We can always "butwhatif?" ourselves into a corner and get paralyzed because of that, but it's senseless.
So I totally agree, that there are tons of examples where it worked and in the long term I also think they should switch to something better, but for the moment I see why they don't, as it is working for them as it is.
(However, GitHub is accessible by git in case you only want to download the repository, regardless of what else they do; however, having multiple mirrors on other services as well can be helpful)
Discord IS the platform of this day and age, what the hell are you talking about? You might not like Discord for whatever reasons, but trying to make it sound outdated or legacy is very weird sounding.
It is a non-starter.
Not public. Got to register an account and accept Discord ToS first.
There was a hype for discord about 5 years ago for EVERYTHING - discord servers were made for every little thing and there was little to no objection about it.
But in recent times, I have seen many people complain about the lack of searchability, discussion-thread management, and other stuff in Discord and moving away to forums, especially for software projects. There is definitely a lot more disgruntlement with Discord today, so their statement makes sense.
And we're perfectly happy using proprietary services like GitHub and Discord as long as they make our work easier and more enjoyable. We recently evaluated a number of alternatives, and found that they all introduced more friction than we were comfortable with.
Although the task of building a browser is itself challenging, we're a pragmatic project :)
Hey, just a reality check: in the event that you actually do become wildly successful, this means that others (Google, Microsoft, etc.) will be able to fork the browser and then develop it faster than you - thus leaving you behind and taking away your users! Would highly recommend leaving yourself some mechanism to prevent that, unless you're really okay with the project defeating itself through its own success.
Neither is Safari. Safari is actually part of the solution. Safari has saved Firefox and other browsers by being the only option on iOS for a long time and a better choice for many (because of battery usage) on Mac OS. Without Safari I am afraid we would all be locked into Chrome now.
The problem is that Google, like Microsoft before them,
1. used their dominant position in one market to force their way into dominating another market,
2. used various underhanded tactics to make users think Chrome were better while in reality it was just given better treatment by their backend servers and also the Googles frontend devs[1]
3. and that unlike Microsoft they still haven't got a multi billion fine for it and haven't been forced to advertise alternative browsers for months.
[1]: see various bugs[2] in everything from the core of the Angular framework to Google Calendar to YouTube
[2]: yes, I am generous enough to consider them bugs. I am fairly certain though that bugs that doesn't affect Chrome aren't exactly considered top priority.
Amazing. https://en.m.wikipedia.org/wiki/1984_(advertisement)
But more seriously: it is actually the truth.
Kind of in in the same way that people are thankful for Churchill: not because he was a fantastic man in every way (he wasn't) but because he saved us from something even worse.
If you have to convince people that you are seriously telling the truth, you are probably making an unproven assertion that relies on many benefits of the doubt.
I even thought it wasn't necessary to test them separately but I recently heard from someone with more and more recent experience that some differences exist, particularly around prefixed css attributes. Can't say for sure though, but that was why I wrote my comment above somewhat defensively.
> Google, like microsoft, <1-3>
If you're going to complain about 1-3 for google and ms, I don't think you can praise safari in the same breath.
Apple's abused their position with the iPhone to make safari relevant, and unlike Chrome and IE, users can't just install another browser.
Apple's behavior is the only reason I can't run my own addons I've written for firefox on iOS (they run _fine_ on android of course), why I can't run uBlock origin on iOS, and so on.
Apple's behavior on iOS is far more egregious than anything microsoft or google has ever done.
I never once had to run IE or Chrome unwillingly since I could always install netscape, or mosaic, or firefox.
I'm forced to run Safari, unable to decently block ads, unable to use the adons I've written, unable to fork and patch my browser to fix bugs, and I've generally had my software freedoms infringed... and if I don't run safari, then I can't talk to my family group chat (no androids allowed, sms breaks the imessage group features too much) or talk to my grandma who only knows how to use facetime.
I wish so much I could use a phone with firefox, but I can't justify having a spare iPhone just to talk to my family, so I'm kinda forced to suffer through safari, held hostage by apple's monopolistic iMessage behavior.
The only thing that comes close to Apple's behavior is Google's campaign to force Chromebooks upon children in classrooms, requiring them to use Chrome, but at least Google isn't holding their grandmother's hostage... and managed work/school devices already are kinda expected to have substantially less freedom than personal devices, so it feels much less egregious.
If people don't support Safari, it's because the free market has spoken and overwhelmingly chooses alternative options: https://gs.statcounter.com/browser-market-share/desktop/worl...
The story would be different, if Apple wasn't miserly with their native APIs and App distribution. But this is indeed a harmful and competition-restricting decision, even in Mozilla's opinion: https://mozilla.github.io/platform-tilt/
So I think we can safely assume that Apple's policy harms browser diversity by forcing their users to support a single minority option. If their users preferred a more feature-filled browser, we would never know; they aren't sincerely presented an alternative choice. If Apple wants their users to defend Safari, maybe they should invest in it until their browser (or Operating System, for that matter) competes with Chrome. Until then, they're promoting a megalomaniac solution and being a sore loser about it at the same time.
You mean the company dominating the internet heavily promoted and pushed users towards its own browser.
> If their users preferred a more feature-filled browser
Where by "feature-filled" you mean "all the Chrome-only non-standards because free market or something"
If the company dominating their hardware did any better, maybe the majority of them wouldn't leave Safari. If Apple doesn't want to build a competitive browser, then they need some (non-anticompetitive) strategy to retain their users. Otherwise we're doing the Microsoft Shuffle again.
> Where by "feature-filled" you mean "all the Chrome-only non-standards because free market or something"
No, at this point I really do just mean "feature-filled". iOS has notoriously restrictive APIs and it makes full sense that those users would want a browser do do the things Apple prevents their iPhone from doing natively. At the rate Apple's heading, I wouldn't be surprised if next-gen iPhone apps were just PWAs that hook into WebGPU. Big-business has no reason to keep living under Apple's thumb, and market regulators can't justify it in Europe, Japan or even the United States.
Apple doesn't dominate all of hardware. Google, however, dominates major access points to the internet, and used it to aggressively promote its browser.
> No, at this point I really do just mean "feature-filled".
I doubt it
> iOS has notoriously restrictive APIs and it makes full sense that those users would want a browser do do the things Apple prevents their iPhone from doing natively.
Ah. So you are talking about Google-only non-standards
> I wouldn't be surprised if next-gen iPhone apps were just PWAs that hook into WebGPU
Android has been the dominant OS for over a decade now. It has no real or perceived limitations of iOS. We've yet to see a single amazing PWA future we hear so much about.
Then maybe it's time you gave Android another try. Chrome runs on mobile just as well as it does on desktop, so any of the web apps you use on your computer work fine on phone too. It makes modern Safari look like a tofu browser substitute by comparison.
So?
> so any of the web apps you use on your computer work fine on phone too.
So where's the amazing PWA future we hear so much about. All the "amazing web apps" we hear about are shitty slow bad monstrosities that can barely display a few lines of text without jank.
The very few actual great apps which are made ad great engineering effort and expense (like Figma) don't run in full mode on mobile for obvious reasons.
So, my question remains and you haven't answered it.
Edit: There are some web apps here and there which are surprisingly good. E.g. I'm quite impressed by Foodora's app. And it runs well on iOS, too. However, 99.9999999% of the "great PWA future" is just garbage despite the "Chrome runs just as well on Android".
Although Orion also has built in a (simpler) implementation the most important Firefox for me and I assume many others, tree style tabs. Orions built in version doesn't have the full customizability from TST but it works and presents tabs nested by what tab the descend from which is the most important feature.
How is MIT any worse at preventing this, when GPL didn't?
B: "Ah I see that means we should just give up all measures, instead of you know advocating for stronger measures or anything else obvious and logical like that."
This only means we must start any projects today with stronger GPL or similar variants such as AGPL.
You had a security breach, despite using a better set of technologies and techniques.
During the postmortem, you suggest this means we should give up all security or just use the weaker solution, since its all the same, the server would have gotten breached in either case.
Instead of advocating for building a stronger security.
If someone forks our code and does a better job with it than we do, fair game. :)
But ultimately this is all developers' decisions and I respect that. If anything, if a major company decided to take off and invest, they could do it in any case, publishing their modified source code would not make that much of difference essentially. It is really refreshing to see at last a browser that does not absolutely depend on google's resources in any way.
The browser: Chrome. could be kept closed because the LGPL allow the integration of libre libraries in closed products as long as the library itself remains "libre". In this case the library is the renering engine: Chromium.
As a counter example MacOS was built on top of decades of work on the BSD operating system and Apple is under no obligation to give the code back to the BSD project... and it doesn't.
So the most valuable company in the planet took from the community and it doesn't bother to give back.
For some of us that is unacceptabme.
Although... this still doesn't explain why the other parts of the browser besides the rendering engine are open source? i.e. if the license was the reason, then presumably Google would've made the rest of the browser closed source, but that wasn't the case for most parts.
Let me see if I have this right:
>For some of us that is unacceptabme.
1. So, Apple, creator of macOS, "the most valuable company on the planet", followed the rules of the BSD licence,and that is unacceptable?
But, Google, a company that is also highly valuable, and the creator of Chrome, also followed the rules of the LGPL licence, but that is acceptable?
With BSD companies are under no obligation to release their changes, and like any self interested party, most don't.
ANd give very little back. Like Apple on top of BSD or AWS on top Riak.
For people like me that find that unacceptable exist the GPL licenses.
No you couldn't. What would happen is your project would be a complete non-starter for many companies; either in use of, or developing for.
"Ah that means we must remove all security protections, instead of you know further strengthening security."
If older GPL failed, this means we needed a stronger license...such as AGPL, or in future something even better, instead of giving up and saying we should have just given them shit on a platter.
But then Badcorp takes the code and builds their own varient with extensions. Badcorp is big and has lots of market share. Lots of people use Badcorps's browser, and because lots of people are using it, lots of web developers code for it, including coding for its extensions.
Soon, lots of websites -- including Badcorp's own websites, and they have lots of popular ones -- use the extensions in the Badcorp browser.
Then people still using Ladybird can't use it for most websites. They have lost something.
What have the original BSD users lost? Absolutely nothing. BSD still exists, it’s still maintained, and people can still use it. They can also use fruit BSD if they want.
With an OS core, interoperability isn't really important. Existing BSD users presumably weren't too interested in buying shiny new Macs to run their BSD OS on, so Apple using BSD as the core of their OS really didn't affect them. Moreover, existing BSD users didn't need to interoperate with the new MacOS users. An OS isn't some kind of network protocol. BSD users could work with MacOS users just like users of any other OS, using existing network protocols and other standards.
The poster child for the BSD/GPL argument on the GPL side is usually Microsoft's "embracing and extending" of Kerberos. It's a network authentication protocol, licensed with a BSD-like permissive license, and Microsoft infamously forked it, creating their own proprietary extensions. This resulted in only non-MS users not being able to fully interoperate with MS users.
We do already see cases now where web developers write websites targeting Chrome-only browser extensions instead of sticking with standards. In theory, if this happened with Ladybird, it should be possible for the original devs to simply add their own versions of these extensions, but how feasible that it I'm not sure. Currently, there's Chrome-only extensions which apparently haven't been implemented by Firefox for some reason, so maybe it's not as easy as it sounds.
1. All the BSDs have been out there for decades without anyone running with it.
2. Google and Microsoft - while being a shadow of their former selves technically - are probably still very capable of reimplementing whatever they want.
3. If Ladybird gets so wildly popular, lets celebrate wildly!
I am aware that it builds on BSD.
Yet BSD is very alive and nobody who wants BSD is lost to Mac.
At least I personally have never heard anyone deliberating over a free BSD vs Mac.
Edit: and of course upvote. Apple ran with it. But they didn't run away with it. We still have it. Actually we have some patches thanks to them. As I mentioned in my other reply: Open source is not a zero sum game.
In a relative sense, I would argue that Apple has pilfered an order of magnitude higher value from the community than they have given back. The only example of Apple's net-positive contributions seem to be CUPS and LLVM, both of which were cross-platform before Apple took control. Compared with how much networking and userland code they've taken it feels like a trillion-dollar pittance. Even Microsoft chips in more.
They do? With what? (Besides Linux kernel drivers that are only useful for running Linux on their own VM solution.) I guess VScode, for people that use it?
CUPS is fantastic, though you're right, it was cross-platform before Apple took control.
I take objection to the use of "pilfering" to describe usage of software according to the terms specified by its authors.
Or would you somehow argue that some features disappeared from BSD thanks to Apple copying their code as they were expressly allowed to in the license?
Furthermore, even if it wasn't free software but rather MS Windows or a "pirated" movie many people here would argue it wasn't theft but just unauthorized use.
As their primary workstation?
(Yes, PS3 ran Linux in the beginning.)
Have you caught anyone deciding to go with Cisco instead of BSDs on their servers or their laptop?
I'm serious here: Open source isn't a zero sum game.
Partially thanks to the permissive license of BSD we now have both Mac OS and JunOS (edited: it said Cisco first), which is a good thing, not a bad thing.
The problem with Chrome isn't that it exist but that it has been forced upon us and the fact that we know they have used questionable methods to establish it as the dominant browser.
Cisco IOS is absolutely not based on BSD - it is a proprietary kernel, and such that it even has a “userland”, a proprietary userland.
IOS XE is based on Linux.
Most of the voice stuff is Linux.
Perhaps you are thinking of Juniper’s JunOS, which is based on FreeBSD?
It is used in Cisco's email and web security appliance, which is also their hosted offering. This appliance was previously known as IronPort, before being acquired by Cisco.
Slow computing it's sometimes called [0]
I sometimes experience some friction (really acceptable though) on Firefox, it has never lured me to Edge of Chrome. Some people have standards you know ;)
It's rather condescending of you to assume that the developers of Ladybird aren't fully aware of the consequences that their choice of license entails.
Also, I don’t think intellectual property is real and so I don’t think I can make demands on the users of my code: it seems to me that there’s an implicit contradiction in the GPL between the FSF’s anti-IP stances and their attempt to control how their software is used using IP constructs.
Secondly, my game theoretic argument. Lets say a powerful corpo takes your code and makes something that turns out very useful and popular. If it was BSD, they have no obligation to share anything back and your original project is left to dry and rot. If it was (A)GPL they are obliged to return the changes, and then you can absorb their changes and beat them to the punch. Its more competitive and creates a stronger capitalist environment. BSD's end state is feudalistic, GPL is capitalistic.
Also, I trust you'd be happy to have your code MINIXed, to have your code end up in closed source bootloaders locking down your new ARM laptop, and so on. At least with GPLs you get some code dumps. At least with Androids we end up with a begrudgingly shat out Linux source dump, that helps a little at least. With iPhone you got, absolutely fucking nothing, nil, nada. I am just suggesting please do not complain if BSD works ever end up creating such a world.
Whereas if the company had forked a BSD project, there is no such legal recourse for me if the company chooses not to share the sources, at best you can hope to talk to them/pressurize them but of course that is most cases futile. As a user its much more inconvenient for me, I need to use advanced debuggers, disassemblers, etc to debug or modify. Sometimes even that does not work.
As a user, GPL/AGPL provides me far more convenience by default than "permissive" licenses do. It gives me an assurance I can just as easily see and modify the sources of any forks of the project, and if in any case such fails, its only because it wasn't strong enough, for example using GPL software in SaaS, due to which stronger licenses like AGPL were invented.
So, that fetish for infinite growth... can we get rid of it?
Firefox keeps trying to grow in various directions and look where it's taking them.
License "permissiveness" is a relative concept. From the point of view of the users of your software, the GPL is more permissive than MIT, since they have permission to see the source code. If you release software under MIT or BSD licenses, you allow middlemen to strip this right to users of your software.
I know that’s not what you meant, but it is what you said.
Permissive licenses doesn't grants you less freedom than GPL, infact it grants you more because the user also has the freedom to modify source code without being enforced to make it public.
Companies copying the codebase to their propietary ones won't automatically strip right of users, licenses don't work like that, the original codebase will still be fine. Whether said companies will contribute back is irrelevant.
I license all my stuff with permissive licenses because (in my opinion) they are more free than the GPL and such licenses. I don't have any massive for-profit company pushing me to do so. Mr. Kling is also not a massive for-profit company, he's just a guy making the software he wants to make. Your argument is in very bad faith.
That's not true.
Somebody can take the source code and build something closed on top of it, but the original code will be already free, and you will always have the right to see it.
For example, PlayStation OS is based on FreeBSD (AFAIK). They took it, adapted it and added a lot of stuff. Did you lose the right to see the source code of FreeBSD ? No. Can you see the source code of PlayStation OS ? No, but you never had that right, so you have not been stripped of anything.
Of course it doesn't change the original project. But when people take the codebase and build a new product on it, what GP says is absolutely the case. The devs can withhold all code and rights to it from the next user. This is most commonly an issue when it comes to libraries rather than end products, but not always.
It doesn't also have to mean that the original project dies or disappears, it can just rob from their growth potential. Examples are quite easy to find. There's been a big hullaballoo over cloud providers taking open source projects and competing with them by offering managed versions of the service that are well-integrated into their ecosystems. Economically this is also a problem because the cloud provider can then undercut the price of the managed service compared to the official one since they aren't bearing the burden of building/maintaining the codebase.
I'm by no means against "permissive" licensing (MIT, etc), I think they have their time and place just like GPL, etc, but I am against dismissing valid concerns with shallow replies.
The first freedom that GPL-lovers have is whether or not to use the project.
At least not now or the foreseeable future. I also don't think community support would work towards that.
I'd favor the more permission mit/isc as long as reasonable myself.
No you don't. You're being extremely disingenuous with this phrasing. No matter how many other parties take the source code and make a closed source product out of it, the users of your software will always have the same rights you granted them to begin with. No freedom has been lost.
And before you say "but your users won't have the same rights to the derivative works", that isn't a loss of freedom. They never had those rights to begin with, therefore they cannot lose them. Not gaining something is not the same as losing it.
https://gavinhoward.com/2023/12/is-source-available-really-t...
So he knows that corporations can take open source browsers and make it proprietary.
This immediately comes to mind as akin to the Signal vis-a-vis WhatsApp etc. Here there is an obvious reason to use Signal and a well-understood proposition. What might it be for Ladybird? And how will you differentiate?
That said, I do think we'll find ways to differentiate given our uncommon situation with no ties to the advertising industry. This gives us the ability to experiment with privacy measures more aggressive than others may be comfortable with for fear of losing funding, for example.
Our own approach to privacy is as radical as it gets in search: "No Tracking, Just Search". As we often say: tracking, not ads, is the fundamental problem. Contextual ads do not need necessarily to have tracking. Though the duopoly of search ad networks makes that a hard road too.
Good luck. Excited to see how Ladybird progresses.
By building a new engine, we can increase ecosystem diversity and put all these open standards to the test. We regularly find, report, and sometimes even fix bugs in the various web standards - stuff we find just by being the first to try and implement everything from scratch in a long time!
We also believe it’s good for the world to have more engines that aren’t directly or indirectly funded primarily by the advertising industry.
No? There are tons of valuable contributions, pure and applied, that "people" (markets) do not pay for at all, or pay pittance relative to their usefulness.
Here's a tweet with a couple of diagrams that illustrate how much control Google has over all browsers (including Firefox and Safari): https://x.com/awesomekling/status/1793937129250214344
What languages have prototypes and where can I learn more?
But, ladybird is one of the coolest things I saw in 2024!!!
Servo wants to build an embeddable engine for controlled sets of HTML/CSS/JS content, with a focus on modularity and parallelism.
Ladybird wants to build a usable browser for the open web, warts and all, with a focus on compatibility and correctness.
I'm a big fan of Servo and I hope they become a huge success! Competition and new ideas in browser engines will benefit all of us! :)
That’s what they pivoted to after being expelled from Mozilla, but that wasn’t the original goal, was it? It’s the safer(?) one they turned to when the job security evaporated.
(Not sure if that changes anything, just feel obligated to point out the retcon here.)
It is just extremely rough. It is in a far less-usable state than Ladybird even is and very prone to crashing.
They always aimed for a better embeddable story than Gecko. That and more parallelism in layout and processing.
> It’s the safer(?) one they turned to when the job security evaporated.
Not safer, more like saner multithreading story. Safe rust isn't so much for security as it is safety in a parallel context.
Re “safe”, I meant that targeting the embedding usecase is safer in a social and project-planning way, as in smaller probability of other people calling them nuts and greater probability of getting something usable in a finite amount of time. Which is fair enough.
You seem to be under some impression that Servo before Mozilla layoff and after Mozilla layoffs are the same? They aren't. I mean, the code is a continuation of effort, but the people who worked on it before and after the Mozilla exodus aren't the same.
Servo originally did have the same goal of better embeddability, but after it's resurrection it's only the same by mostly coincidence. Sponsors (Tizen IIRC) wants a fast embeddable browser. That's about it.
If there is a difference between how specs define something, and how browsers behave (and website expect them to behave), will you choose technical correctness or websites actually functioning?
Technically this has been the big problem of HTML5 vs XHTML, and "technical correctness" lost to actual usability.
Firefox has often been forced to just conform to Chrome behaviour, despite differing specs, or because the spec was rejected/not agreed upon.
and the code (at least a large part of it in the form of Chromium) is Open Source. I don't think it's as bleak as people make it out to be.
1. Legacy hardware support. Is it a goal for Ladybird to build for 32-bit and big-endian CPUs out of the repository?
2. Electron. Do you have any plans to work on an Electron alternative based on Ladybird further down the line? No free Electron alternative other than Sciter seems to use the same browser engine on all platforms. There may be value in one that implements the latest web standards.
2. No concrete plans, but it's not outside the realm of possibilities.
Sounds good. If it also makes it into Serenty OS eventually, it would suddenly make Serenety OS a lot more accessible and useful for way more people. But I think you are aware of this and also of the challenges.
Building a working browser is hard enough on its own.
But please do consider putting up some screenshots of the browser - including how it renders the popular sites.
Does Ladybird still follow that ideal?
Going forward, we want to support the open web as it exists, so you can actually use Ladybird to interact with all your websites. We may not agree that every web platform API is awesome and perfect, but we will honor the open standards to the best of our ability.
We benefit greatly from this of course, and we will do what we can to contribute when we’re mature enough!
That said, there will always be websites relying on bugs, and for that we will need a way to selectively emulate alternate behaviors in some cases. We are looking at a few different solutions for this but it’s not a huge priority right now as there are far lower hanging fruit in front of us.
That said, Ladybird is obviously far from becoming the daily driver for the average webizen. What do you think is going to be the first milestone where Ladybird is going to be able to be a real alternative (even if limited to certain use cases) and in what timeframe do you think this can be accomplished?
Also, do you already have any plans or ideas for how to improve the web browsing experience beyond what existing browsers provide or is your focus entirely on the engine catching up for now?
At the moment, we are focusing primarily on our own use cases as developers, since those are the easiest to test and qualify. So websites like GitHub, web specifications, MDN, etc. are likely going to be very high fidelity before other parts of the web catch up ;)
> Also, do you already have any plans or ideas for how to improve the web browsing experience beyond what existing browsers provide or is your focus entirely on the engine catching up for now?
We are definitely focused on the engine catching up right now. There is an incredible amount of work to do, and we're doing the best we can :)
Well the impossibility isn't so much in making a browser but making a browser that manages to get a chunk of web audience.
That means presence on mobile, feature and performance parity with Chrome, surprasing Chrome on some level (e.g. Safari having better vendor lock-in).
I'm doing my part to break the cycle by supporting the underdog by using Safari as my daily driver & developing primarily for Safari & Firefox.
Or a viscous cycle of continued development. There are definitely things that Chrome does that nobody else should copy, but there's also a lot of stuff like WebGPU and WebRTC that should be standard. Firefox doesn't drag their feet in the same way Apple does, and they certainly don't resist standardization by trying to limit what a user can do on their device.
I have no real love for Google. ChromeOS sucks, Android is only tolerable when you de-Google it, and YouTube is perpetually regressing to a shittier state. But Chromium the browser is great, and it's the only browser I install on my Mac or Linux box when I get set up at work. I want to love Firefox like I used to, but Mozilla as a business is just about as functionally inept as Google or Apple at this point. I'm done trying to be a browser ideologue, I'm embracing post-browser realism here.
I genuinely enjoy Safari as a user more than Chrome. As a developer the dev tools suck. But as a user - the UI is far more minimal and nice. Every single action feels 2-3x faster, from opening and closing, tab opening or movement, etc. Battery lasts significantly longer. And I never really run into anything that doesn’t work, ever. Plus never worry about the latest hidden checkbox I have to find to not have my data soaked up. Hide my email is also dope.
The more responsive and thoughtful UI and battery/performance alone would have sold me. But the privacy and modern features it’s gotten over the last years make it better imo.
Just want to give a perspective as I feel people should update priors from 2021 “Safari is the new IE”
Sure they have recently implemented some features like IndexedDB but the data does indeed show that they dragged their feet!
Literally no? We must not be on the same page, both of the technologies I namedropped were Chrome and Firefox exclusive for a half-decade. And they're certainly not the only features Mozilla and Google agree upon; Apple deliberately gimps features that benefit PWAs so that browsers artificially cannot compete with their native apps.
> Just want to give a perspective as I feel people should update priors from 2021 “Safari is the new IE”
I'm sorry; people will keep calling Safari "the new IE" for as long as Apple carbon-copies Microsoft's Explorer strategy from the 90s. You can run from it, insist it's not true, but Apple will clutch to their ecosystem control whether it's rational or not. This is why we have to antitrust them, to stop the market from more of their irrational self-serving harms.
What is WebRTC good for? I've never understood. It probably has some use for in-browser video chats, but other than that?
I'm asking because at some point the Chrome you are praising prevented my Mac from sleeping for like half a year or more because 'webrtc has active peer connections'. I had no conferences open in the browser, just - i thought - regular web pages.
So what can you do with WebRTC behind the user's back then, and why is it moral to do it?
Be careful when listing those features. Many of those "encroaching" are Chrome-only non-standards
You do know that Apple is basically the original author of WebGPU, right (together with Mozilla)?
> I wonder why Apple would deliberately avoid an API that might obsolete the requirement for games to use the App Store
And your fantasy of Apple deliberately avoiding it is based on what exactly?
https://webkit.org/blog/9528/webgpu-and-wsl-in-safari/
https://webkit.org/blog/14879/webgpu-now-available-for-testi...
Apple is the original author of a lot of tech they end up abandoning. Certainly a lot of Khronos IP, paging through their history.
> And your fantasy of Apple deliberately avoiding it is based on what exactly?
Based on a 4 year (!!!) porting time from MacOS Safari to iOS Safari. Basically textbook feet-dragging there.
Doubtful
> Certainly a lot of Khronos IP, paging through their history.
Everyone abandons Khronos IP, or doesn't really supports it, paging through history in general. Because Khronos IP ends up a designed-by-committee crapfest. Meanwhile WebGPU is not and has never been a Khronos IP. It's developed within a w3c working group: https://www.w3.org/2020/gpu/
> Based on a 4 year (!!!) porting time from MacOS Safari to iOS Safari.
Based on a 4-year porting of what from MacOS Safari top iOS Safari?
- WebGPU spec is literally in draft status, so things can still change. It's literally in stage 2 of 5 of spec development
- Neither Safari nor Firefox have enabled WebGPU yet. The fact that Chrome rushed and enabled it by default does not make the spec or the standard finished and ready to be enabled everywhere
- webgpu can be enabled with a toggle in advanced settings in Safari on iOS (as is the case with most new features for in all browsers)
According to Hacker News readers, the ladybird shouldn't be able to compete in the browser space. It's too difficult, the spec is too large, its competitors have large pockets. The ladybird tries anyway, because ladybirds don't care about what HN readers think.
Inspired by https://www.goodreads.com/quotes/823379-according-to-all-kno...
Best of luck!
Of course, it has a long way to go before it is going to be a good daily driver, but I truly believe this is the beginning of something great. I've been consistently surprised by what works, and the rate of improvement is staggering at times.
My question: Has anyone given any thoughts regarding the stance to take with DRM features, e.g. Widevine/Encrypted Media Extensions? It seems like since our previous stewards of the open web didn't care enough, now making a browser with substantial marketshare without this may be hard. Seems like a hard problem, I really do wonder where Ladybird will stand if it continues on its current lightning fast trajectory.
I don't think it should have to be in the browser. I would like the option to watch the content. I know the while process of DRM is stupid and will be side stepped somewhere.
From my point of view, putting DRM into web browsers is actively bad for a couple of reasons beyond the usual arguments against DRM. The greatest asset the web platform has is that it's a unified, open platform that anyone can participate in; Of course, DRM harms users too, but specifically DRM harms the web as a platform. You can't simply have a "full" web browser that can browse the entirety of the web (as ordinary users understand it) without licensing Widevine. To date, only large corporate web browsers have ever gotten this privilege[1]; community web browsers are shit out of luck, almost certainly forever. Not only that, but Widevine will only officially support a small subset of the operating systems that are out there, ensuring that you can't get a "full" web browsing experience on, for example, any BSD (at least not without manual work and violating several license agreements on the way.) Even if Ladybird bucks the trend and manages to get a Widevine license somehow, it will only be possible to make this work on Windows, Linux and macOS. Yes, I understand this covers the vast majority of users, but if you can't see how this is extraordinarily antithetical to the open web I don't really know what else to say. The web didn't even begin on any of those platforms!
Of course, I seriously can't blame Ladybird if they want to go this route. After all, in the position that Ladybird is in, pragmatism is a stance that is hard to beat. Ladybird currently doesn't have the muscle to flex to try to influence the future of the web platform in such a way, especially not against the will of the mega-corp overlords that currently control the web platform.
If I had to guess, I'd guess the lack of an answer to my question is because taking the pragmatic stance on this particular issue will prove controversial, though I hope if that is the case that people continue to direct their ire towards W3C and Mozilla who pretty much immediately folded when the issue came up in the first place. In the moment when Flash and Silverlight died, there was a small sliver of hope that DRM on the web would die with it, but instead we wove DRM directly into the fabric of the web, and Mozilla, no doubt afraid to watch their marketshare dwindle even further, (which it has continued to do anyways, mind you,) played a huge part in that.
Issues like this are why there is guaranteed to be vile toxicity when something like WEI comes up. We know that there is no entity out there holding the line to protect the web platform; once one of these technologies like WEI makes it into Chrome, the era of the open web will have essentially ended. If you believe that the open web is important, then any technology that's vaguely WEI shaped is enemy #1, and when there is no other option, people will choose violence, again and again. DRM on the web isn't really quite as dire of a situation, but it isn't particularly great either.
(One might wonder what the point of keeping DRM out of the browser is, forcing users to use separate software, making their overall experience worse... but that's kind of the thing: Why in the fuck should these vendors and this DRM'd content, that is antithetical to the open web, get to benefit from the web platform built and used mostly by people who stand to gain nothing from it? If you want the benefit of the web platform and all it offers, you should be forced to lose the DRM. Otherwise, have fun deploying your own native software.)
A web browser is a user agent. Why is the browser deciding anything one way or another? Let the user decide by providing options one way or another. If the user wants DRM access, let them; why is it the browser's business?
Again, the two important words: User agent.
The freedom to decide and choose is what helped Firefox take out IE6 and led to most subsequent browsers featuring some form or another of extensibility (which incidentally is now regressing because web browsers are increasingly developer and publisher agents).
Secondly, users don't really get a choice. Users are fucked because browsers implement features like DRM and websites hard-depend on them. So the user is no longer choosing whether or not to enable DRM, but whether or not they can watch Netflix on their laptop. User agents should not put users in predicaments like this where they are forced to make choices against their own interests. This is one of those situations where nuance is necessary.
No matter how much you opine the outcome is not going to change, the end users have spoken in what they want in their user agent.
> Secondly, users don't really get a choice. Users are fucked because browsers implement features like DRM and websites hard-depend on them. So the user is no longer choosing whether or not to enable DRM, but whether or not they can watch Netflix on their laptop. User agents should not put users in predicaments like this where they are forced to make choices against their own interests. This is one of those situations where nuance is necessary.
That's why it shouldn't be a part of the web platform in the first place. Because we shouldn't force users to make choices against their own interests.
Here are some other examples of where we shouldn't force users to make choices against their own interests:
- Users should not have to give up their rights to be able to access legally-mandated warranty services or replacement parts.
- Users should not be forced to accept being tracked.
- Users should not be forced to forfeit their right to be a part of a class action lawsuit to use a product or service.
Try as you might, you're never going to convince anyone that the free market will just magically make all of the incentives align and make "the right choice", these are things that ultimately have to be solved with policy. The closest thing to "policy" on the web is standards, and W3C put EME in the standards despite widespread outcry, and that's why we're at where we're at.
Now the thing is, we have DRM in browsers, but we still don't have Web Environment Integrity, a complete and utter bastardization of the open web that would've made it cryptographically impossible for an open source browser to really meaningfully exist (since compiling it yourself would likely make it impossible for you to e.g. do banking or watch Twitch streams, since it would then fail attestation.) The reason we don't have WEI is because it was widely rejected by the community. Not because users made a choice.
It's nice to think that you can just leave it to the users to pick and they'll always do the right thing, but at the end of the day most people don't have time to care about DRM or WEI. Most people are not technical and just simply don't have the capacity in their day to be concerned about things like that. That's why it's literally the job of people who do have that capacity to fight for the user's best interests and try to avoid users being put into positions where they are basically guaranteed to be fucked.
And frankly, we're not winning the fight.
(This is no different from anything else. The vast majority of people can't be expected to fight for e.g. free speech rights either; it's always going to be a minority of people who hold the line.)
>it's literally the job of people who do have that capacity to fight for the user's best interests
A user agent should not be concerned about "doing the right thing", that's none of its business. You are proposing a developer agent, not a user agent.
This is also now the third time in this reply chain where I will point out that I am objecting to the inclusion of DRM technology in web standards, where this pitiful semantic debate about what a user agent is for doesn't even apply in the first place. What is fit for the open web platform and respective standards has nothing to do with decisions made by user agent developers. I am not going to point this out again. Further replies that try to drag this semantic debate out are just going to go ignored by me.
No, a user agent's sole job is to represent its user. It's right there on the tin: User Agent. Forcing no DRM is just as bad as forcing DRM, it's not the user agent's business to decide for the user. The fact that most user agents today are actually developer/publisher agents is part of the problems we are having.
>I am objecting to the inclusion of DRM technology in web standards, where this pitiful semantic debate about what a user agent is for doesn't even apply in the first place. What is fit for the open web platform and respective standards has nothing to do with decisions made by user agent developers.
Commercial interests are not going to fly the free-as-in-beer pirate flag no matter how loudly you bang that drum, and if the internet is open then those commercial interests also certainly have a right to be part of it.
It's ultimately not a problem if internet standards allow room for DRM schemes, because in a properly functioning system the users will decide through their user agent if they want to engage in DRM schemes or not.
So long as you are fueled by self-righteous dogma with a seething hatred towards people just minding their own business, you're not going anywhere and I would even argue you're actually contributing to the very problems you want to see resolved.
It would be nice if we could go back(?) to a world where the user operates their computer, not the computer operating their user.
A user agent should chiefly do what the user tells it to do, but if you pay more attention, you'll see how bad web standards can actually still screw over the user. Because if you make particularly bad web standards, the user agent can still do what the user is telling it to do, but the website can then start behaving in a manner which goes against what the user is telling their computer to do.
If browsers had implemented WEI, a chief use case was to allow websites to control whether extensions and adblocking could be used while browsing their pages. And the clever part is, sure, your user agent could implement WEI "wrong" and let the user do whatever they want, but the attestation would allow the website to decide which user agents pass attestation, so you can't just make a user agent that does what the user wants.
DRM and WEI are pretty similar as they're both technologies that require computer programs to restrict what you can do on your own computer (and DRM does what WEI does with browser choice but in a litigation way instead of cryptographically-attested way), but I will repeat this again for hopefully the last time:
Not wanting DRM in web standards has nothing to do with the definition of a user agent.
One more time:
Not wanting DRM in web standards has nothing to do with the definition of a user agent.
Seriously, stop ignoring this. It's not like I didn't already aggressively state it previously.
Or maybe (hopefully) they download popcorn time instead
One person's user agent might be another person's "software I would never use".
As a text-only web user I am continually amazed, thirty years in, that web developers and now their CDN service providers are _still_ making incorrect assumptions about what user agent I am using. They are wrong every single time. There is almost zero focus on rate limits but hyperfocus on user agent string or other headers. For most sites I send no user-agent header and this works fine. But when sites want certain headers this tells me the purpose is not "protecting" servers from being overloaded, it is "protecting" servers from web users who will not involuntarily provide commercially useful data/information so that access to them as ad targets can be sold for profit.
Choice of user agent should make no difference. The JSON I'm getting is the same regardless of what device or software I am using. I decide what I want to do with the JSON after I retrieve it.
Imagining how things could be different, there could be "commercial" user agents that people use for accessing their bank acconts online and for other commercial transactions. There could also be "non-commercial" user agents that people use to read HN. Unfortunately, the way things are now people are using commercial browsers for non-commercial web use and exposing themselves 24/7 to unecessary tracking and advertising.
Personally, I only use a commercial user agent infrequently. I'm not doing many commercial tranasctions over the web. Most times, I am using non-commercial user agents. I see no ads and can focus on the text.
I don't think it comes down to that, I think it's more about the fact that your browser likely looks more like a bot than it does a human.
Also, rate limiting has a significant overhead and complexity at scale, where agent filtering is relatively cheap and easy to distribute. Though, this is largely a problem that has been resolved many, many times over and the additional overhead is not that bad. All said, I've met too many developers that don't conceptually understand public/private key encryption and would assume they'd mess up rate limiting.
All the content behind it is still available day 0 on trackers
In what way do they directly profit from piracy?
The networks can still track (to some extent) what shows are popular as torrents, and use that to inform their other advertising efforts. A break out (good) show may show indicators on torrents from word of mouth outside their network, and they can then feature that show in their banner areas.
These aren't likely "profit" directly, but they are and can be factors. Another point is loyalty from those who are able to pay, when they are able to pay. Assuming prohibitive costs are what is mainly keeping people from paying for the content.
I think you answered this yourself.
To be clear, the word "forced" here is not implying doing something against someone's will, it's "forced" in the sense that web properties are "forced" to live with the existing limitations of the web platform, e.g. properties are "forced" to live with the fact that user agents may have adblocking software installed. It is not the result of literally forcing someone to do something.
This could be key differentiator over other browsers.
edit: > Focus on building good APIs/extension points though, and those will be immensely useful whether for local LLMs.
I think we're saying the same thing, focus on good extension points for the local LLM use case.
Not trying to pry into your personal lives, just wondering because there's a lot of meaningful information behind the answers to those questions.
Given the limitations of our funding model, we won't be building a huge team, but rather a small team that allows us to maintain a runway of at least 1.5 years. :)
The best for a beginner is usually to start with some simple page you made yourself, since you know how it’s supposed to work, and can debug more easily.
And come join us on Discord, there are new people getting into the codebase all the time :)
First, thanks for this project and making your self accessible!
Will "plug-in" or "add-on" support be a first-party concept in Ladybird?
I ask that because in years past a few other browsers (Konqueror, Falkon, Dillo, etc) made it pretty far but lacking add-ons, useful capability such as 'NoScript' or 'uBlock' or even a tab manager made them non-starters.
Plus there are plugins for dillo... https://dillo-browser.github.io/#plugins
Also: how will you handle bookmarks? IMHO only Chrome does a good job with bookmarks — please copy them instead of reinventing the wheel.
If I had to use bookmarks on FF, I would simply not use them at all.
I use bookmarks heavily.
Here are bookmarks on FF-based Mullvad Browser
(I stopped using FF proper a long time ago)
Here are bookmarks on Chromium-based Iridium browser
Where does it look easier to manage bookmarks ?
Above.
Just my opinion.
The endless security nightmare that was ActiveX and NPAPI should serve as more than enough reason why that shouldn't be a thing again.
"Installed manually not from app store" is even worse because then you're encouraging people to download random binaries from random websites and that's even worse
My point is not for other people to make extensions that you must use. Rather, my point is in case the user wants to write their own extensions do things that have more permissions, without needing to recompile everything. It is specifically if the user does not want the extra security (because they intend to program it to do things beyond that provided by the browser's security context), and only for that case.
(However, there might be another alternative: Provide a .a file (in case do not intend to compile it by yourself, which might take some time and require several dependencies) and allow the end user to link that file together with their own .o files, instead of using .so files. The constructor functions can be used to tell the main program of the presence of these extensions.)
(Another alternative would be to provide a separate version that may permit this, e.g. "advanced version", that might also offer additional options and other features which are intended to only be used by advanced users, therefore making the user interface more confusing for users who do not read the documentation.)
C (and other programming languages) that is compiled to WASM could be installable from the app store, since then it is safe. Native code extensions must be installed manually.
Personally, I much prefer developing for the web than native so if there were APIs exclusive to Ladybird it might create a nice virtuous cycle of developers targeting Ladybird to do new things and users using Ladybird to try those new experiences.
There's probably a huge influx of people trying to get involved now, which probably really complicates and muddies the waters right now as well.
Either way, congrats!
Edit: In Blink, the layer/compositing system extends to SVG elements inside SVG tags, as well, and in WebKit, it doesn’t yet, but there is an active years-long effort going back to 2019 that will eventually land: https://youtu.be/WxqJFxiprrU?si=dhQIgW1V4yS_Ca4s Compositing and using the GPU seems like a complex but important part of rendering in a browser, and a case where it could be good to implement the kind of system that other browsers have arrived at after years of iteration, when it comes time to do so.
Will the JS engine still be LibJS?
AFAIK there's some support for it already, but it has to be enabled explicitly with --enable-gpu-painting. I can confirm that with that switch Ladybird can do 3D CSS transforms (which don't work without it).
Here’s hoping one day I can move to LadyBird and leave the others behind.
Bravo again.
* We're already making a top 5% income for our area and have more than enough for our needs and even an early retirement.
* We get non-monetary benefits from our job like WFH and/or flexible scheduling.
* We're working on projects that excite us and make us happy to go to work and that matters more than total comp.
Money aside, I'd rather see Ladybird hire 6 developers who are seriously passionate and live all across the world than see them hire 6 Bay Area developers who think they're better because they ask for more comp. That the passionate and global developers are cheaper is just a nice bonus.
(or will you just use Chrome as a reference spec and implement anything it implements?)
Q2: what is your “guiding principle/mission”? Is it to be the fastest browser? The most privacy centric browser? The only 100% standards compliant browser? etc…
—-
Super excited for you. Wishing you the best in this and hope you change the world for the better.
Any browser that doesn’t display normal websites normally will never achieve mainstream usage. Who willingly handicaps their software?
(An older not as relevant one is http://acid3.acidtests.org/ )
But with the updates, it wild to see progress moving steady but impressively. And the last year - wow! With all the donations, there is now a path towards a real viable alternative rather than something that looses interest as contributors lives get in the way.
I love that you are no over promising and have provided a reasonable time line, it is the kind of restraint that typically gets things done rather than promising the world up front. I love it and look forward to where this goes from here and it could end up in some very odd places.
If in 2001 you where to say that KHTML would be the core base of the majority of web browsers in 15 years, you would have been a great joke. And look at what happened. The big thing is to keep a Richard Stallman like resolve to do what is right for the people, even if it means a little less personal success.
Be well.
I also have a personalized build step on our pre-production web app that launches the site in Ladybird for my host. It’s been awesome to see the browser lock in functionality along with our own progress.
It seems to me that a large volume of code in Blink deals with obscure features with relatively niche use cases (such as WebRTC, WebUSB,WebGL, WebAudio and so on and so forth), which would mean a large amount of programmer effort for very little user-facing gain.
Additionally, in these areas, web standards tend to say 'whatever Chrome does', with FF often lifting large parts of Chrome code to support these features. Even if the above wasn't true, in practicality it is, since all clients are tested against Chrome, you'd need to follow all its quirks to have your browser be compatible.
Are you planning to do a clean room implementation of these features as well?
WebUSB is a lot more common than one might think, but I mostly see it used in music gear. Companies like Novation use WebUSB to facilitate firmware upgrades, backups, patch management, etc with their synthesizers and workstations.
Its pretty much a necessity for me at this point so that I can remain OS agnostic and still manage my gear.
https://mozilla.github.io/standards-positions/
Can't wait for the day I can drop Firefox and use Ladybird full time.
Will you use Vulkan when it comes to gpu accel or OpenGL?
Will you make better adblocking capabilities by embedding faster checks and rule engines/lookups in c++ than what we have now?
How much can people who do not contribute code affect development? In terms of requests suggestions? E.g. if I would suggest to skip OpenGL and use Vulkan (so basically defining a limit on how old should the hw be), would this be even considered?
Also twenty hours ago: https://news.ycombinator.com/item?id=40845951
One day ago: https://news.ycombinator.com/item?id=40838973
Along with 60 other threads you can see by clicking the link I posted.
Can assume site was set-up yesterday and people are submitting it without checking if others did too.
Oh the homepage was discussed yesterday? Let's add /index.html and resubmit it!
It would be a statement of hope that we are not condemned to Google’s corporate strategy and the absolute rot the Mozilla foundation has become.
I know pretty much everything is not in their favor but I truly believe it’s still possible for a couple of guys with their head between their shoulders to actually “change the World”. I need to sleep at night after all.
If one values the web being somewhat open/less monopolistic, an open source web browser would be more appealing.
I have faith in the Ladybird browser project to avoid such a situation though.
This is not even in the list of my concerns. I just don't like to see efforts of hundreds if not thousands of volunteers are rolled into a closed source application and distributed for the profit of a couple of people who pat themselves on the back because they got their next car/house/whatever for free.
This is why I prefer GPL over BSD/MIT.
When you put all this spectrum of views under a project, it becomes another thing to manage these expectations and what people want from the project in the end. When big shifts start to occur, people will react differently.
When it's a project people love and contribute with the expectation of keeping things the way it's, and the things change, people won't be happy. See: Go's opt-out by default telemetry proposal, HashiCorp's and Docker's license changes, Google's persistent push to block ad-blockers, Microsoft's breaking of VSCodium in subtle ways, etc.
So it's much more than you and your code, esp. in projects like these. I think licensing them with licenses allowing rug-pulls (esp. under community itself), is a red-flag in many cases.
I also put the code I develop myself out there for the betterment of all, but it's licensed with GPL, because I don't want someone take and run away with it for "betterment of themselves rather than everyone". Now, you might not agree with me, and I respect that, but that's the terms I put on my code. As I always say. If you like it that much, reimplement it. I don't care.
Conversely, I contribute to a project which allows no GPL code, because it's designed to be both open, and be customized and closed at the same time. We put it out very openly in the beginning, because that license is a requirement for the use case we (as in ~10 countries) have, and MIT is the best one for our use case.
...but, Ladybird is not that. The project tries to build an important, foundational commodity item. Allowing it to be taken private is a mistake, IMO.
However, Konqueror/KHTML is now dead and we only have a closed source Safari.
I can't fathom your comments back to back.
As I've already stated, any company that may fork a similar project would actually cause more benefit than harm. KHTML died because the web started to get very complex very fast and KDE volounteers couldn't keep up with that pace, unlike Apple employees. Now that the web is a bit more stable, with less standards that are more thought-out (webassembly), it's a lot easier to maintain a web browser. So if tomorrow Microsoft hops in and announces it's intent to fork ladybird, then the latter would not only be fine, but it would probably recieve a new wave of contributors.
Also, its* not it's
Oh no no no. We don't need microsoft contributing anything into this. They will mess up everything and push their agenda.
Google was almost killing Go overnight because they wanted more user data from people using the language.
If your goal is browser diversity, this would take an ecosystem of 2 browser engines and turn it into an ecosystem of 4. That seems in-line with the goal of browser diversity.
Having 4 (or 3.5 more realistically) browser engines where 2 of them weaponized against its users doesn't change things.
Instead, we should have 3 (or 2.5) browser engines where only one of them is (and can be) weaponized against its users. This is what brings diversity and change.
That said, my point here was that realistically no company is going to fork ladybird since there's already chromium, plus even if ladybird was somehow forked by let's say microsoft and got popular, I don't think it would be detrimental to ladybird itself, if not even beneficial, since it would attract more users and, to a lesser extent, more contributors.
And I don't see any problem with forking. Tons of browser bugs were found, reported and fixed exactly because companies forked them. And remember that Blink is forked from Webkit.
Ladybird might be added to this list. It's not impossible. It'll be a winding and hard road to go, but it is not a path with no end.
You don't need to fork a codebase to fix its bugs. It's GitHub's workflow (fork -> PR -> merge). What I meant, as noted in this thread, is a hard and closed fork propelled with money and corporate greed, which eclipses the open and primary version and drown it in the process.
EEE'ing it, basically. This is why I prefer GPL (preferably V3+). If you want to improve it, it's open. If you want to monetize and EEE it, then nah. It's not allowed.
1) Ladybird matures with a community around it.
2) A company actually cares enough to fork it.
3) Said fork becomes the dominant version.
4) Company closes down fork.
I did these assumptions because I saw potential in the project and witnessed the cycle enough times to worry about its future.
On the other hand, it's a food for thought. Just to play with and explore the possibilities.
Sadly, that's not how it works; opting out of the copyright game is a lot harder than it should be. "No license" means all rights reserved, and even a public domain dedication is invalid in certain countries.
Your best bet is to put your code in the PD and provide a fallback maximally permissive license in countries with insane legislation where that doesn't work (e.g. Germany). The Unlicense notably does this, though lawyers seem to hate it for various reasons.
Alternatively, you can use licenses like 0BSD/MIT-0 which are PD-equivalent, but you technically retain copyright, so it should work in aforementioned countries too.
This also makes me a bit of a tab hoarder, though.
I'd say "I'll be keeping an eye on this," but I'm sure there'll be plenty of posts about Ladybird before the alpha even drops, haha.
Tree-style tabs could be a core feature. Maybe this is something you can contribute to the project?
and this comment from awesomekling on their SerenityOS project https://github.com/SerenityOS/serenity/pull/6814
My conclusion is to continue avoiding sites like X and the so-called "Fediverse".
But yeah,I think, it resurfaced, partially to recent, well, Ladybird stuff. Things got on the track, and the train went forward...
Hard pass. And that comes from someone who likes open standards, open protocols, decentralized solutions you can host on your own.
For all its flaws, for content and people, X is infinitely more preferable for most people not into fetishes.
Also, I am very curious why is someone like Shopify sponsoring this.
I am happy to see the project thrive.
That might play if this was another Chromium fork, instead of something built from scratch.
Developers can simply look at the Github readme and get their near plain text overview there.
We're all nitpicking no matter what our thoughts are on the design. I have my own thoughts on the design, but I'm more excited about the product than to put any more care in what the website looks like. It's easy enough to ignore and doesn't have an effect on the product.
It is a nitpick, and the website works just fine for conveying what Ladybird is & what the project will be doing: The elevator pitch given was straightforward & at the top of the main page.
How come a european project becomes an american foundation?
Sorry sometimes I get a bit existential.
- This post
- Yesterday: https://news.ycombinator.com/item?id=40845951
- 2 weeks ago: https://news.ycombinator.com/item?id=40746804
- 4 weeks ago: https://news.ycombinator.com/item?id=40560768
Anyway, I don't mind that much. I hope they succeed.
P.S. Check out my UI/UX portfolio at https://hipfolio.co
https://hicks.design/journal/firefox-logo?trk=feed-detail_co...
I can imagine how hard it is to develop a browser. However, I can't imagine how much the landscape will change in the next 2 years... LLM, privacy, etc.
I must admit I'm not crazy about the logo though. It's fine at the top of a page, but I cant see it as my browser icon on my desktop, and it's much less appealing and identifiable than the old Ladybird.
This of course comes at the cost of not being able to support non-free parts of the web standard such as DRM.
LGPLv3 would solve that, wouldn't it?
That would be a benefit, not a cost.
DRM'd content on the web is also not nearly as common as you are implying it to be. Outside of specific streaming sites that many use through dedicated apps on their TV or phone anyway it is almost nonexistent so this crap doesn't need to be in your desktop or mobile browser. Not to mention that even with DRM support you are not guaranteed to get decent content if you are on the wrong OS or don't give up ownership of your entire display pipeline or just have slightly older hardware or live in the wrong country. It's also not hard to avoid these streaming services entirely.
Then write one.
Perhaps BSD in its anarchic freedom is compelling to the kinds of people who decide to do something crazy like building a brand new browser engine from scratch, and GPLv3 with its detailed rules and regulations is compelling to people who like to talk about how they wish the world had more software licensed under GPLv3.
Open source isn’t handed down from God, it starts with one person deciding to type mkdir.
So poetic! I love that sentence!
Sorry this is not the GPLv3 everywhere world you are dreaming of, and I'm glad it works this way.
Like others said, if you want to have a GPLv3 licensed browser (that will probably be as unusable as GIMP), write one yourself.
The risk of exploits is too high
Random exploits on the Internet are still a higher risk for me.
And yes my mail account is more critical than my local files.
I open my email in a dedicated VM, so only my email provider could attempt to compromise me. Attachments are automatically opened in another, disposable VM.
Also my email account and everything normal I do, is part of my normal life and it's very helpful to be normal.
If I would ever do something out of the ordinary and want to do something which requires physical access, it's much easier to travel the world as someone who has a normal Internet profile.
My personal data is protected enough on Gmail and gdrive.
Everything else just doesn't exist anywhere.
I mean it both in a sarcastic way and not.
Is avoiding those sorts of things not supposed to be reason enough for them?
Also the page does a good job of specifically mentioning Google and making general statements about what any source of funding can impact. If Google wanted to give an unrestricted donation it's not clear from this page they would decline it.
> Ladybird is in a pre-alpha state, and only suitable for use by developers
I quickly put together a "cleaner" design for anyone interested, which also uses the original (and objectively better) logo:
[1] https://web.archive.org/web/20240208004519im_/https://ladybi...
2. gives black text white background
3. now its "clean(er)"
4. "also your old logo is objectively better"
This isn't design work.
get something working
make it correct
make it fast
Having a vanilla green field working web browser could enable experimentation. Prototying a novel more useful hybrid history & bookmarks feature set, for instance, is a giant pain thru the current plugin extensions. Like sucking apples thru a soda straw. As you said about lower level APIs, it's easier to "go straight to the metal".
It's the best (perhaps only) "small project to stratosphere" 101-recipe I've found. [Note that for browsers, even 1% of market share is stratosphere-level.]
Historical music/media apps were a great example before browsers (Winamp, Foobar2K, XBMC…). Tiny teams + key community contributions made for amazingly complete and rich software fit for all use-cases, beating any commercial alternative by far.
(The fact is that to this day, these 2000-2010 solutions gave you far more user-power & customization, not to mention discoverability and meta-knowledge, than current Netflix or Spotify UIs.)
A project like Ladybird should take that general road, IM(very but educated)HO. That's how they can eventually catch up to big names feature-wise.
Announcement post: https://ladybird.org/announcement.html
Probably merge these discussions: https://news.ycombinator.com/item?id=40845951
legacyPackages.x86_64-linux.ladybird (0-unstable-2024-06-04)
Cool! Let's see if I can read HN. nix run nixpkgs#ladybird
...
502144.831 Ladybird(1297933): WebContent process crashed!
502144.831 Ladybird(1297933): WebContent has crashed 5 times in quick succession! Not restarting...
...
I didn't expect it to work very well yet in a distro, so that's ok. It's cool enough that nix(os) has already started tracking it.I'll check back every few months and see how it's going!
I wish distros would not package pre-alpha software, since the only thing it accomplishes is giving people a bad first impression of something that isn't ready :(
If you want to mess with Ladybird, build it from the source at https://github.com/LadybirdBrowser/ladybird :)
Clearly, some upstreams do not appreciate that NixOS provides non-standard or sometimes-unfinished versions of their software, but it's either that or the software is essentially unusable and uncompilable on NixOS.
I do wonder if there is a potential for productive compromise, though. Maybe it would be desirable to have a QMessageBox warning to the user at startup that the distribution is unsupported and bugs should not be reported upstream. I think that the folks maintaining the Ladybird derivation would be happy to take feedback into account.
Announcement post: https://ladybird.org/announcement.html
More discussion: https://news.ycombinator.com/item?id=40845951
Meanwhile Mozilla spends a massive chunk of money on the organization and the philanthropy and the blog posts, and the activism, and the salaries of people who have little resemblance to engineers.
We are definitely a stripped down operation, and we will spend as much of our funding as possible on engineer salaries for the foreseeable future.
good luck
Another answer: concentration of power and market share stifles innovation. Look at what happened to Internet Explorer when Microsoft was the only game in town.
The less obvious question, and Im genuinely curious, is why do you need to rewrite the engines when there are at least 2 good compliant open source ones? The only way an engine rewrite is worthwhile is if yours is significantly leaner or faster, both seem very unlikely. An seemingly-impossible milestone of hitting party isnt that interesting, is it?
I think for a lot of us on the older end, we lived through the era of Microsoft Internet Explorer dominating the web and that experience informs our thinking. As long as there was competition between MSIE and Netscape, with each one trying to outdo the other, both browsers kept getting better and the web kept becoming a more and more capable platform. But quite soon after Netscape crumbled and stopped being a serious competitor, MSIE stagnated: development didn't just slow but halted for half a decade. The web stagnated, too, and Microsoft's dominance meant that a lot of what did get built was locked in to their platform. (Partly things like CSS quirks and nonstandard rendering behaviors, and just plain neglect of new possibilities in HTML, JS, and CSS. But more than that: how many companies built ActiveX controls in that era, which mostly required Windows to function? The entire internet infrastructure of South Korea got locked in to ActiveX by law from about 1999 to 2020.) So imagining an era of Chrome monoculture brings back some pretty negative memories.
I don't expect that Google would make the exact same mistakes that Microsoft made. But it would be awfully hard for them not to shape browser design around their own corporate interests if there were no competition driving innovation and no disincentive to shaping the entire future of the web platform in Google-friendly ways. I know that's not "things that have actually happened", but the whole point is that things change once an effective monopoly is achieved.
- Chrome began to "log in" users into the browser by default, if they so much as logged in to Gmail or Youtube, or anything that uses Gmail ID oAuth. That means that all the searches and web visits made on the browser are explicitly tied to your Gmail ID.
This way the user can feel more secure about the extension not doing things it didn’t advertise.
In those cases I would say that’s genuinely better for the user. Wouldn’t you?
Not all extensions are AdBlock Plus which (as an exception) have very specific needs not covered by manifest V3.
It’s not all black and white. Google is not all in the wrong here, even though their motivation is obvious.
Less specific, but I think just as reasonable, is looking at the philosophical alignment and financial incentives of the organization behind the browser.
Google's interests are often in direct misalignment to my own, and by virtue of that, I would strongly prefer them to not have such a position of power over the market.
So, some people feel that it'd be better to have a viable browser that isn't dependent upon Google.
Besides, has ladybird even said that they would reject google money if offered it? Or amazon? or any other large corporation that could seriously stifle the free web?
2. Would it have the features of the Line Mode Browser?
https://assets.mozilla.net/annualreport/2022/mozilla-fdn-202...
I want ladybird to succeed and show the world how ridiculous the Mozilla situation has been.
There's only one way we can make sure we can get really independent browsers:
SIMPLIFY THE WEB
- Limit the platform to absolute minimum - give way to render things, fetch stuff from the network, etc.
- Get rid of CSS - leave just some basic rendering primitives, so libraries can be created to paint on the canvas. We don't need 78 new animation primitives. We'll build them ourselves if we have a sensible canvas and execution platform.
- Move JS out of the browser to a WebAssembly compiler and make browsers run only WebAssembly
- Or keep JS in the browser but don't add any new features, features should be in libraries outside of the browser. Language should be as simple as possible.
- Get rid of all semantic html junk. We only need some basic blocks to move things around.
This way we can have simple browsers and move all complexity to client libraries, which you can pick and replace when needed. Just keep things as simple as possible and let people build on that.
(updated whitespace)
It wasn’t that long ago you needed QuickTime and RealPlayer for videos. Then Flash, Director, Silverlight, and Java for multimedia.
Better is if the document specifies the text (and any appropriate annotations, e.g. how to pronounce), and the blocks/sections/etc, and then the client software can display it according to the user's settings. Whether that means you want to display it on the screen, with your own formatting, or use a braille display, or text to speech, or whatever else it might be, you can use it.
However, I should also think that documents should not need to execute JS or WebAssembly code; although there are uses for such things, it should perhaps be separately.
Also, some of the semantic HTML commands can be helpful, such as <ARTICLE>, <TIME>, etc. (However, the user agent should decide how to display them, according to the options selected by the user; this should not be decided by the author of the document.)
A completely new protocol and file format (or more than one) is another way. A few people have tried some things relating to this, including myself. One thing I had done is that, documents cannot contain scripts to be executed nor can they link to scripts to be executed as a part of the document; executable code can only be linked to from the conversion file (which does other things too, and is not only for executing programs; e.g. to specify how to transform a URL to download a file in a different format), and the user must explicitly tell it to execute; furthermore, it uses uxn and not JavaScript nor WebAssembly (since uxn is much simpler to implement); and, if the conversion file is implemented at all (for simplicity, it is not required), it is mandatory that the end user must be allowed to override it and specify their own conversion file instead (therefore, the end user decides what the client software does). Furthermore, I had also decided to use binary formats, to make them less complicated to parse special cases (to avoid needing so many escaping and stuff like that, which is necessary with HTML). And then, TLS is allowed but is optional; it does not have mandatory TLS (although it is recommended that servers and clients will accept both TLS and non-TLS connections; but a client or server that does not support TLS will still work even if the other does support TLS, if both TLS and non-TLS are implemented). There are many other things can be done too, to make improvement.
You can build something good enough for vast majority of websites and people.
In terms of SWE, it doesn't get harder than an OS in my book (and not even from scratch). So them coming from success in that space is more than enough to convince me they can deliver a world-class browser core engine.
Sounds good, but how would you make sure the sponsors won’t influence you in the future once it’s popular enough? After all, they are still corporations and are after profits, as opposed to crowdfunding.
Still the concern remains valid and without leadership sticking to strong principles nothing will protect against external influence forever.
> preparing to become the only major web browser which does not treat the user like the product being sold.
...is either ignorant or a deliberate slam on Mozilla. Whatever else you might say about Firefox, it has never tried to "sell" me to anyone. The fact of the matter is that Mozilla has done the impossible for decades and gets no end of grief for it.
(I expect we'll get a zillion complaints about search engine placement & Pocket recommendations because that always happens on this site)
Clearly, they are referring to paid search engine placement. But that doesn't just apply to Mozilla, it also applies to Apple/Safari.
And given that both Mozilla and Apple are being payed by Google somewhat proportionally to how many users they have, clearly users are indeed being treated like a product being sold.
Ironically for a story about a webbrowser, the screen is showing 404 comments as I type this. :-)
Mmmmmmh, I don't think this is a good goal. I would expect quicker iterations even with the web browser complexities.
Why not fork Firefox or Chromium?
Can you point to an example where Mozilla's funding model led it to make a bad decision?
I hope that as Ladybird grows you'll keep privacy, security, and customization in mind because our options in that space are very limited.
A reminder that years ago they were paid by an advertising firm to secretly install a plugin for a TV show. When someone raised a bugzilla bug about it, the project manager for the plugin (who herself had come to Mozilla after a career in online advertising tech...) marked it employee-only. Another employee reversed that, and then someone at the highest levels of Mozilla leadership changed it to a level that made it unviewable even by employees.
Pocket? That shit requires manually editing a bunch of config strings to disable. We were never asked "would you like to enable Pocket?" because they knew 99% of their audience would click "no." There still isn't a checkbox to disable it.
This whole "privacy is our priority" thing has been a farce and always will be.
But hey, they won't enable WebSerial because ZOMG DANGEROUS USERS CAN'T BE TRUSTED PRIVACY CHAOS DANGER DANGER MUST PROTECT THEM!
...meanwhile in Chromium browsers, WebSerial has been supported for years, it asks the user to give permission per-site just like cameras and microphones. The world has not caught fire, nobody's pacemaker has killed them, etc.
If your complaint is that Firefox doesn't support enough standards, ladybird is so far behind
And Firefox's attempts to diversify by seeking new sources of advertising revenue don't actually make the problem better; what I would like is a browser that is not competing for advertising revenue.
I would like a browser with a big team behind it and a stable reliable source of income. Google paying for everything is risky but I don't think its as big a corrupting influence as you seem to believe.
More recently they pushed an ad for Disney on users and the only way to prevent that was to turn off the redirect to the "what's new page" the show us after updates (browser.startup.homepage_override.mstone = "ignore") which means that now users have remember to manually check out https://www.mozilla.org/en-US/firefox/releases/ for release notes.
Then later they pushed a full screen VPN ad on every firefox user. In response to the immediate outrage, they suspended the ad campaign and told people to add "browser.vpn_promo.enabled" to about:config and set it to "False", even though that only applied to the one ad everyone had already seen and been forced to click past. What they should have done was add "browser.promos.enabled" and made sure that any ads they added to the browser in the future respected that preference.
I agree 100% that pocket is a huge offense. It should never have been anything but an add-on.
> ...meanwhile in Chromium browsers, WebSerial has been supported for years
Most people using Chrome are already handing all their private info and internet browsing history to Google. No exploit needed. Last I checked (it's been a while admittedly) there was no way to totally disable WebRTC or service workers in chrome and they don't want you to be able to disable ads either. Chrome isn't really an option.
Firefox is a very imperfect browser, and I'm afraid that it's getting worse all the time, but it's still the best we have.
I thought they weren't paid, and I know for sure that the plugin didn't load the code unless you set a special thing in about:config.
By the standards of easter eggs it was fine.
> When someone raised a bugzilla bug
I didn't hear about this part, I'd like to see your source. Though I don't know if that really worries me?
And I have no idea how it, or Pocket, is supposed to have any connection to privacy.
The implication by users who frequently bring this up is that there's some unique influence on Mozilla. Yet if we're going by reminders Mozilla had a deal with Yahoo for three years in-between for it to instead be the default search engine and they were still paying hundreds of millions for the privilege (it's been estimated they were even paying $100m more than Google at the time, though by 2017 Mozilla reportedly felt they should have been making more and ended the deal prematurely after Yahoo was bought by Verizon).
Ie: I haven't seen evidence it's been unique partnership with Google in that regard. If there are more concrete examples of influence though I'd be interested (and it has to be understood I'm not a Google apologist either, I just seek more accurate critique as it's more robust).
It would give hope we're not doomed to Google’s corporate strategy of cannibalization.
Even LGPLv3+ would be a good choice here.
I can't wait to see the absolute mountain of perfect pull requests all these people bring to the project!
Seriously though, congratulations Andreas and please keep the faith. We might not be the loudest voices, but almost all of us are cheering for you.
WebGL, WebGL2, WebGPU, WebNN, WebXR, WebAudio, WebRTC, WebAssembly? Etc....?
Each of those seem like a multi-year project for a team on their own if you're not going to take code from any other browser
- Quark is written in Coq and is formally verified. What can be learned from the design of Quark and other larger formally-verified apps.
From "Why Don't People Use Formal Methods?" (2019) https://news.ycombinator.com/item?id=18965964 :
> - "Quark : A Web Browser with a Formally Verified Kernel" (2012) (Coq, Haskell) http://goto.ucsd.edu/quark/
From https://news.ycombinator.com/item?id=37451147 :
> - "How to Discover and Prevent Linux Kernel Zero-day Exploit using Formal Verification" (2021) [w/ Coq] http://digamma.ai/blog/discover-prevent-linux-kernel-zero-da... https://news.ycombinator.com/item?id=31617335
- Rootless containers require /etc/subuids to remap uids. Browsers could run subprocesses like rootless containers in addition to namespaces and application-level sandboxing.
- Chrome and Firefox use the same pwn2own'd sandbox.
- Container-selinux and rootless containers and browser tab processes
- "Memory Sealing "Mseal" System Call Merged for Linux 6.10" (2024) https://news.ycombinator.com/item?id=40474551
- Endokernel process isolation: From "The Docker+WASM Technical Preview" https://news.ycombinator.com/item?id=33324934
- QubesOS isolates processes with VMs.
- Gvisor and Kata containers further isolate container processes
- W3C Web Worker API and W3C Service Worker API and process isolation, and resource utilization
- From "WebGPU is now available on Android" https://news.ycombinator.com/item?id=39046787 :
>> What are some ideas for UI Visual Affordances to solve for bad UX due to slow browser tabs and extensions?
>> - [ ] UBY: Browsers: Strobe the tab or extension button when it's beyond (configurable) resource usage thresholds
>> - [ ] UBY: Browsers: Vary the {color, size, fill} of the tabs according to their relative resource utilization
>> - [ ] ENH,SEC: Browsers: specify per-tab/per-domain resource quotas: CPU
- What can be learned from few methods and patterns from rust rewrites, again of larger applications
"MotorOS: a Rust-first operating system for x64 VMs" https://news.ycombinator.com/item?id=38907876 :
> "Maestro: A Linux-compatible kernel in Rust" (2023) https://news.ycombinator.com/item?id=38852360#38857185 ; redox-os, cosmic-de , Motūrus OS; MotorOS
From "Industry forms consortium to drive adoption of Rust in safety-critical systems" (2024) https://news.ycombinator.com/item?id=34743393 :
> - "The Rust Implementation of GNU Coreutils Is Becoming Remarkably Robust" https://news.ycombinator.com/item?id=34743393
> [Rust Secure Coding Guidelines, awesome-safety-critical,]
> Because of Brazilian government demands to remove creators from our platform, Locals is currently unavailable in Brazil
> We are challenging these government demands and hope to restore access soon
Does anyone have access to it?
And what if you succeed? Best of luck on this bold endeavor, and try not to break our hearts.
What an intriguing name for a web browser.
Or what Firefox is doing wrong.
Or what sets this apart from existing browsers, besides the funding model.
As a end user, what should I be excited about?
As a developer, what should I be excited about?
If you disagree, roll up your sleeves and show us how you can make it better. Otherwise, STFU.
Generic “he” is correct 20th century English. Singular “they” is correct 21st century English. Some people use “she”. I thought the current zeitgeist was to not judge people based on which pronouns they use :)
To prevent this, remove `anon` from the `wheel` group and he will no longer be able to run `/bin/su`.
To prevent this, remove `anon` from the `wheel` group and they will no longer be able to run `/bin/su`.
“awesomekling commented on May 2, 2021 This project is not an appropriate arena to advertise your personal politics”
> At the moment, many core library support components are inherited from SerenityOS:
LibWeb: Web rendering engine LibJS: JavaScript engine LibWasm: WebAssembly implementation LibCrypto/LibTLS: Cryptography primitives and Transport Layer Security LibHTTP: HTTP/1.1 client LibGfx: 2D Graphics Library, Image Decoding and Rendering LibArchive: Archive file format support LibUnicode: Unicode and locale support LibAudio, LibMedia: Audio and video playback LibCore: Event loop, OS abstraction layer LibIPC: Inter-process communication
I loved opera to death in the early 2000s. I was young and broke and didn't want to pay for it, but even though there were cracked versions around I dealt with the officially free, ad-sponsored version (Google ads, ironically) because I wanted to support it.
Now I've donated to Firefox in the past, but they've disappointed again and again with questionable business decisions. Still, I'm exclusively using Firefox than anything Chromium-based out of principle and I think I will switch to ladybird as soon as feasible. I have no problem paying for a browser that's truly independent.
Is this going to work with screen readers, magnification, speech recognition etc? I guess a more abstract version of that question is: Does Ladybird intend to offer some kind of feature parity with existing solutions where integration with OS-specific accessibility architectures (UIA, AT-SPI2, etc.) are concerned? If not, it's a non-starter for quite a few people, and I'd rather know so I know to even keep up with this project or add it to the "user first but oh not actually all users first" pile :)
"User first" definitely doesn't mean targeting all 8 billions people on the planet.
I work at Brave, VP of IT. I worked at Mozilla for 5 years. So have some experience with browsers.
I see our insanely high infrastructure bill each month, most of the cost comes down to CDN/distribution of updates, block lists, safe browsing etc. But we also have a bunch of other costs for staff to maintain said infrastructure and security.
If you get to scale, what is the plan here? Because $1M won't get you a very long runway and the moment browsers stop doing what they should be doing well, they die. Wishing you the best of luck.