I don't have much to add here, just wanted to say that I think this is a tremendous gift to the Internet that we loved. It would suffice to say that after many hard reality checks I don't really feel like there are any browser vendors that feel like good stewards of the open web, and it seemed like a new browser that actually managed to break out would be infeasible... until Ladybird showed up. And now, I'm typing this reply in Ladybird.
Of course, it has a long way to go before it is going to be a good daily driver, but I truly believe this is the beginning of something great. I've been consistently surprised by what works, and the rate of improvement is staggering at times.
My question: Has anyone given any thoughts regarding the stance to take with DRM features, e.g. Widevine/Encrypted Media Extensions? It seems like since our previous stewards of the open web didn't care enough, now making a browser with substantial marketshare without this may be hard. Seems like a hard problem, I really do wonder where Ladybird will stand if it continues on its current lightning fast trajectory.
I think it should be possible to have some sort of open extension to allow side band canvas rendering to allow for such extensions as optionally provided by the OS. Possibly with an API for custom engines in WASM.
I don't think it should have to be in the browser. I would like the option to watch the content. I know the while process of DRM is stupid and will be side stepped somewhere.
Personally, I think life would be better if browsers just didn't play the game at all. If the web was not controlled by corporations, DRM as part of the platform 100% would have simply never happened.
From my point of view, putting DRM into web browsers is actively bad for a couple of reasons beyond the usual arguments against DRM. The greatest asset the web platform has is that it's a unified, open platform that anyone can participate in; Of course, DRM harms users too, but specifically DRM harms the web as a platform. You can't simply have a "full" web browser that can browse the entirety of the web (as ordinary users understand it) without licensing Widevine. To date, only large corporate web browsers have ever gotten this privilege[1]; community web browsers are shit out of luck, almost certainly forever. Not only that, but Widevine will only officially support a small subset of the operating systems that are out there, ensuring that you can't get a "full" web browsing experience on, for example, any BSD (at least not without manual work and violating several license agreements on the way.) Even if Ladybird bucks the trend and manages to get a Widevine license somehow, it will only be possible to make this work on Windows, Linux and macOS. Yes, I understand this covers the vast majority of users, but if you can't see how this is extraordinarily antithetical to the open web I don't really know what else to say. The web didn't even begin on any of those platforms!
Of course, I seriously can't blame Ladybird if they want to go this route. After all, in the position that Ladybird is in, pragmatism is a stance that is hard to beat. Ladybird currently doesn't have the muscle to flex to try to influence the future of the web platform in such a way, especially not against the will of the mega-corp overlords that currently control the web platform.
If I had to guess, I'd guess the lack of an answer to my question is because taking the pragmatic stance on this particular issue will prove controversial, though I hope if that is the case that people continue to direct their ire towards W3C and Mozilla who pretty much immediately folded when the issue came up in the first place. In the moment when Flash and Silverlight died, there was a small sliver of hope that DRM on the web would die with it, but instead we wove DRM directly into the fabric of the web, and Mozilla, no doubt afraid to watch their marketshare dwindle even further, (which it has continued to do anyways, mind you,) played a huge part in that.
Issues like this are why there is guaranteed to be vile toxicity when something like WEI comes up. We know that there is no entity out there holding the line to protect the web platform; once one of these technologies like WEI makes it into Chrome, the era of the open web will have essentially ended. If you believe that the open web is important, then any technology that's vaguely WEI shaped is enemy #1, and when there is no other option, people will choose violence, again and again. DRM on the web isn't really quite as dire of a situation, but it isn't particularly great either.
(One might wonder what the point of keeping DRM out of the browser is, forcing users to use separate software, making their overall experience worse... but that's kind of the thing: Why in the fuck should these vendors and this DRM'd content, that is antithetical to the open web, get to benefit from the web platform built and used mostly by people who stand to gain nothing from it? If you want the benefit of the web platform and all it offers, you should be forced to lose the DRM. Otherwise, have fun deploying your own native software.)
Can't speak for others... but I generally pay for a few streaming services at a time. I find a lot of the UX just poor to very bad. I will favor those with shows that I watch. I still torrent the shows themselves as it's easier (for me) to do that then to deal with the various apps on my Shield (they're still there, as my SO seems to use them for random watching).
The networks can still track (to some extent) what shows are popular as torrents, and use that to inform their other advertising efforts. A break out (good) show may show indicators on torrents from word of mouth outside their network, and they can then feature that show in their banner areas.
These aren't likely "profit" directly, but they are and can be factors. Another point is loyalty from those who are able to pay, when they are able to pay. Assuming prohibitive costs are what is mainly keeping people from paying for the content.
They seed and download their own works on bittorrent, then send "scare emails" demanding payment to any ISP with IPs they connect to for forwarding to the customer. A nontrivial number of confused or scared customers pay.
There are more indirect ways, but that is certainly the direct way they financially profit.
>Personally, I think life would be better if browsers just didn't play the game at all.
A web browser is a user agent. Why is the browser deciding anything one way or another? Let the user decide by providing options one way or another. If the user wants DRM access, let them; why is it the browser's business?
Again, the two important words: User agent.
The freedom to decide and choose is what helped Firefox take out IE6 and led to most subsequent browsers featuring some form or another of extensibility (which incidentally is now regressing because web browsers are increasingly developer and publisher agents).
There should be a great diversity in user agents because there is great diversity in personal tastes.
One person's user agent might be another person's "software I would never use".
As a text-only web user I am continually amazed, thirty years in, that web developers and now their CDN service providers are _still_ making incorrect assumptions about what user agent I am using. They are wrong every single time. There is almost zero focus on rate limits but hyperfocus on user agent string or other headers. For most sites I send no user-agent header and this works fine. But when sites want certain headers this tells me the purpose is not "protecting" servers from being overloaded, it is "protecting" servers from web users who will not involuntarily provide commercially useful data/information so that access to them as ad targets can be sold for profit.
Choice of user agent should make no difference. The JSON I'm getting is the same regardless of what device or software I am using. I decide what I want to do with the JSON after I retrieve it.
Imagining how things could be different, there could be "commercial" user agents that people use for accessing their bank acconts online and for other commercial transactions. There could also be "non-commercial" user agents that people use to read HN. Unfortunately, the way things are now people are using commercial browsers for non-commercial web use and exposing themselves 24/7 to unecessary tracking and advertising.
Personally, I only use a commercial user agent infrequently. I'm not doing many commercial tranasctions over the web. Most times, I am using non-commercial user agents. I see no ads and can focus on the text.
I think I see an underlying point though. What other Internet protocol or service requires the user client to supply endless additional arbitrary metadata to even gain access to a resource, let alone receive information? Not even email is that cumbersome for the clientside. Although it is the way it is for better or worse.
Right, pack it up. You all heard the guy with the random username. Corporations have the power to make things convenient so I guess we should just give up and allow ubiquitous corporate control.
> it is "protecting" servers from web users who will not involuntarily provide commercially useful data/information
I don't think it comes down to that, I think it's more about the fact that your browser likely looks more like a bot than it does a human.
Also, rate limiting has a significant overhead and complexity at scale, where agent filtering is relatively cheap and easy to distribute. Though, this is largely a problem that has been resolved many, many times over and the additional overhead is not that bad. All said, I've met too many developers that don't conceptually understand public/private key encryption and would assume they'd mess up rate limiting.
Firstly, I object to DRM being added to the web platform in the first place. It is antithetical to the platform. This goes above the definition of what a user agent is and goes into what the web even is in the first place.
Secondly, users don't really get a choice. Users are fucked because browsers implement features like DRM and websites hard-depend on them. So the user is no longer choosing whether or not to enable DRM, but whether or not they can watch Netflix on their laptop. User agents should not put users in predicaments like this where they are forced to make choices against their own interests. This is one of those situations where nuance is necessary.
If Netflix doesn't work in the browser users aren't going to lean back in their chairs and think fondly of the freedom fighter jchw that protected them from working against their own interests, they are going to open Edge and watch Netflix.
No matter how much you opine the outcome is not going to change, the end users have spoken in what they want in their user agent.
> If Netflix doesn't work in the browser users aren't going to lean back in their chairs and think fondly of the freedom fighter jchw that protected them from working against their own interests, they are going to open Edge and watch Netflix.
Or maybe (hopefully) they download popcorn time instead
Yes... that's pretty much exactly what I said. Users will indeed just do what they need to do to watch Netflix, whether or not DRM is good for them or the web platform.
> Secondly, users don't really get a choice. Users are fucked because browsers implement features like DRM and websites hard-depend on them. So the user is no longer choosing whether or not to enable DRM, but whether or not they can watch Netflix on their laptop. User agents should not put users in predicaments like this where they are forced to make choices against their own interests. This is one of those situations where nuance is necessary.
That's why it shouldn't be a part of the web platform in the first place. Because we shouldn't force users to make choices against their own interests.
Here are some other examples of where we shouldn't force users to make choices against their own interests:
- Users should not have to give up their rights to be able to access legally-mandated warranty services or replacement parts.
- Users should not be forced to accept being tracked.
- Users should not be forced to forfeit their right to be a part of a class action lawsuit to use a product or service.
Try as you might, you're never going to convince anyone that the free market will just magically make all of the incentives align and make "the right choice", these are things that ultimately have to be solved with policy. The closest thing to "policy" on the web is standards, and W3C put EME in the standards despite widespread outcry, and that's why we're at where we're at.
Now the thing is, we have DRM in browsers, but we still don't have Web Environment Integrity, a complete and utter bastardization of the open web that would've made it cryptographically impossible for an open source browser to really meaningfully exist (since compiling it yourself would likely make it impossible for you to e.g. do banking or watch Twitch streams, since it would then fail attestation.) The reason we don't have WEI is because it was widely rejected by the community. Not because users made a choice.
It's nice to think that you can just leave it to the users to pick and they'll always do the right thing, but at the end of the day most people don't have time to care about DRM or WEI. Most people are not technical and just simply don't have the capacity in their day to be concerned about things like that. That's why it's literally the job of people who do have that capacity to fight for the user's best interests and try to avoid users being put into positions where they are basically guaranteed to be fucked.
And frankly, we're not winning the fight.
(This is no different from anything else. The vast majority of people can't be expected to fight for e.g. free speech rights either; it's always going to be a minority of people who hold the line.)
>It's nice to think that you can just leave it to the users to pick and they'll always do the right thing,
>it's literally the job of people who do have that capacity to fight for the user's best interests
A user agent should not be concerned about "doing the right thing", that's none of its business. You are proposing a developer agent, not a user agent.
"Doing the right thing" for the user's best interests is the job of the user agent. It's just that simple. Giving the user a "choice" by implementing anti-features that they will be coerced into using by abusive websites is not really much of a choice. What you're really building there is a website agent, with a side of deception to make it sound like it's actually good for the user. Coincidentally, Google makes a nice website agent called Chrome that serves their needs for advertising quite well.
This is also now the third time in this reply chain where I will point out that I am objecting to the inclusion of DRM technology in web standards, where this pitiful semantic debate about what a user agent is for doesn't even apply in the first place. What is fit for the open web platform and respective standards has nothing to do with decisions made by user agent developers. I am not going to point this out again. Further replies that try to drag this semantic debate out are just going to go ignored by me.
>"Doing the right thing" for the user's best interests is the job of the user agent. It's just that simple.
No, a user agent's sole job is to represent its user. It's right there on the tin: User Agent. Forcing no DRM is just as bad as forcing DRM, it's not the user agent's business to decide for the user. The fact that most user agents today are actually developer/publisher agents is part of the problems we are having.
>I am objecting to the inclusion of DRM technology in web standards, where this pitiful semantic debate about what a user agent is for doesn't even apply in the first place. What is fit for the open web platform and respective standards has nothing to do with decisions made by user agent developers.
Commercial interests are not going to fly the free-as-in-beer pirate flag no matter how loudly you bang that drum, and if the internet is open then those commercial interests also certainly have a right to be part of it.
It's ultimately not a problem if internet standards allow room for DRM schemes, because in a properly functioning system the users will decide through their user agent if they want to engage in DRM schemes or not.
So long as you are fueled by self-righteous dogma with a seething hatred towards people just minding their own business, you're not going anywhere and I would even argue you're actually contributing to the very problems you want to see resolved.
The HN Guidelines state to "respond to the strongest plausible interpretation of what someone says", which is what I did. And yes, I was aggressive, but I don't think it was unwarranted given how strongly he feels about making people "do the right thing" as far as he is concerned.
It would be nice if we could go back(?) to a world where the user operates their computer, not the computer operating their user.
Yes, but as I stated no less than three times, I am talking about what goes into web standards and the web platform. That is before the term "user agent" comes into things, because web standards are about what the web is, not about the programs that serve and access it. It really side-steps the semantics debate quite elegantly, but it's inconvenient for your argument which is shallow and depends on a pretty lame interpretation of the words "user agent".
A user agent should chiefly do what the user tells it to do, but if you pay more attention, you'll see how bad web standards can actually still screw over the user. Because if you make particularly bad web standards, the user agent can still do what the user is telling it to do, but the website can then start behaving in a manner which goes against what the user is telling their computer to do.
If browsers had implemented WEI, a chief use case was to allow websites to control whether extensions and adblocking could be used while browsing their pages. And the clever part is, sure, your user agent could implement WEI "wrong" and let the user do whatever they want, but the attestation would allow the website to decide which user agents pass attestation, so you can't just make a user agent that does what the user wants.
DRM and WEI are pretty similar as they're both technologies that require computer programs to restrict what you can do on your own computer (and DRM does what WEI does with browser choice but in a litigation way instead of cryptographically-attested way), but I will repeat this again for hopefully the last time:
Not wanting DRM in web standards has nothing to do with the definition of a user agent.
One more time:
Not wanting DRM in web standards has nothing to do with the definition of a user agent.
Seriously, stop ignoring this. It's not like I didn't already aggressively state it previously.
Can everybody please stop latching onto specific words? Every retort to my post is about semantics of words. That's not very interesting, and it leads to long sprawling threads that go absolutely nowhere and just look kind of pathetic for both of us.
To be clear, the word "forced" here is not implying doing something against someone's will, it's "forced" in the sense that web properties are "forced" to live with the existing limitations of the web platform, e.g. properties are "forced" to live with the fact that user agents may have adblocking software installed. It is not the result of literally forcing someone to do something.
When Ladybird first came a long the highest hope I had for it would be something like Konquer browser or the odd ball ones you see that haven't been maintained for years on various Linux Distros/old Mac Os releases.
But with the updates, it wild to see progress moving steady but impressively. And the last year - wow! With all the donations, there is now a path towards a real viable alternative rather than something that looses interest as contributors lives get in the way.
I love that you are no over promising and have provided a reasonable time line, it is the kind of restraint that typically gets things done rather than promising the world up front. I love it and look forward to where this goes from here and it could end up in some very odd places.
If in 2001 you where to say that KHTML would be the core base of the majority of web browsers in 15 years, you would have been a great joke. And look at what happened. The big thing is to keep a Richard Stallman like resolve to do what is right for the people, even if it means a little less personal success.
First, thanks for this project and making your self accessible!
Will "plug-in" or "add-on" support be a first-party concept in Ladybird?
I ask that because in years past a few other browsers (Konqueror, Falkon, Dillo, etc) made it pretty far but lacking add-ons, useful capability such as 'NoScript' or 'uBlock' or even a tab manager made them non-starters.
NoScript for Dillo makes no sense as it doesn't support JS anyway.
uBlock... yeah, a little, but most annoyances will be blocked by the lack of JS support anyway.
The plugins for Dillo are only protocol plugins; there are no file format plugins and no other kinds of plugins. However, I mentioned they should implement file format plugins too; other people also wanted this, and it does seem to be wanted enough that they might do it. (Other plugins will be more complicated to consider how to support it)
I tried the bookmark bar and could find no difference. The bookmark manager for FF seems far more advanced, with Chrome going the simplicity, beauty, and lack of information route.
I would hope that plug-ins and add-ons can be written in C (although any extensions written in C should be only allowed if installed manually by the end user (e.g. by adding it to some configuration file); it should never install them automatically from a "app store" or similar). That is a feature I would use.
If by "C" you're asking for C compiled to WASM, then fine. But otherwise I would hope that WASN'T ever possible.
The endless security nightmare that was ActiveX and NPAPI should serve as more than enough reason why that shouldn't be a thing again.
"Installed manually not from app store" is even worse because then you're encouraging people to download random binaries from random websites and that's even worse
I do not mean C compiled to WASM. I mean native code (with dlopen).
My point is not for other people to make extensions that you must use. Rather, my point is in case the user wants to write their own extensions do things that have more permissions, without needing to recompile everything. It is specifically if the user does not want the extra security (because they intend to program it to do things beyond that provided by the browser's security context), and only for that case.
(However, there might be another alternative: Provide a .a file (in case do not intend to compile it by yourself, which might take some time and require several dependencies) and allow the end user to link that file together with their own .o files, instead of using .so files. The constructor functions can be used to tell the main program of the presence of these extensions.)
(Another alternative would be to provide a separate version that may permit this, e.g. "advanced version", that might also offer additional options and other features which are intended to only be used by advanced users, therefore making the user interface more confusing for users who do not read the documentation.)
C (and other programming languages) that is compiled to WASM could be installable from the app store, since then it is safe. Native code extensions must be installed manually.
Seeing someone ignore the naysayers and attempt the so-called impossible task of developing a new independent browser is awesome to see. It brings a glimmer of hope that the internet is not doomed to be ruled by advertising companies with only a stagnant controlled opposition browser as the alternative.
That said, Ladybird is obviously far from becoming the daily driver for the average webizen. What do you think is going to be the first milestone where Ladybird is going to be able to be a real alternative (even if limited to certain use cases) and in what timeframe do you think this can be accomplished?
Also, do you already have any plans or ideas for how to improve the web browsing experience beyond what existing browsers provide or is your focus entirely on the engine catching up for now?
> What do you think is going to be the first milestone where Ladybird is going to be able to be a real alternative (even if limited to certain use cases) and in what timeframe do you think this can be accomplished?
At the moment, we are focusing primarily on our own use cases as developers, since those are the easiest to test and qualify. So websites like GitHub, web specifications, MDN, etc. are likely going to be very high fidelity before other parts of the web catch up ;)
> Also, do you already have any plans or ideas for how to improve the web browsing experience beyond what existing browsers provide or is your focus entirely on the engine catching up for now?
We are definitely focused on the engine catching up right now. There is an incredible amount of work to do, and we're doing the best we can :)
I think thats a very smart plan, get the websites that devs frequent up and running relatively reliably to help drive more dev use and therefore more willing contributors.
Sure, it does have some benefits. Like lower energy consumption, I hear good things about JavaScriptCore (Safari's JS engine), that said, so many of the features are missing, and one part is it encroaching on the iOS apps territory.
The features missing thing was true years ago, but Apple significantly increased their investment in Safari about 3 years ago and it really gained ground. If you subtract all the Chrome-invented features, they aren't too far off.
And some of them, like WebGPU, are Khronos IP that Apple has no reason to object to except on an ideological and profit-maximizing basis. I wonder why Apple would deliberately avoid an API that might obsolete the requirement for games to use the App Store? Do you have any ideas?
> Apple is the original author of a lot of tech they end up abandoning.
Doubtful
> Certainly a lot of Khronos IP, paging through their history.
Everyone abandons Khronos IP, or doesn't really supports it, paging through history in general. Because Khronos IP ends up a designed-by-committee crapfest. Meanwhile WebGPU is not and has never been a Khronos IP. It's developed within a w3c working group: https://www.w3.org/2020/gpu/
> Based on a 4 year (!!!) porting time from MacOS Safari to iOS Safari.
Based on a 4-year porting of what from MacOS Safari top iOS Safari?
- WebGPU spec is literally in draft status, so things can still change. It's literally in stage 2 of 5 of spec development
- Neither Safari nor Firefox have enabled WebGPU yet. The fact that Chrome rushed and enabled it by default does not make the spec or the standard finished and ready to be enabled everywhere
- webgpu can be enabled with a toggle in advanced settings in Safari on iOS (as is the case with most new features for in all browsers)
The problem is that when Chrome came out it was heavily marketed/targeted towards developers. Developers took it up and then built websites in & for Chrome. The end result is many websites work better in Chrome than Firefox or Safari. It's a vicious cycle of continuing dependency.
I'm doing my part to break the cycle by supporting the underdog by using Safari as my daily driver & developing primarily for Safari & Firefox.
Or a viscous cycle of continued development. There are definitely things that Chrome does that nobody else should copy, but there's also a lot of stuff like WebGPU and WebRTC that should be standard. Firefox doesn't drag their feet in the same way Apple does, and they certainly don't resist standardization by trying to limit what a user can do on their device.
I have no real love for Google. ChromeOS sucks, Android is only tolerable when you de-Google it, and YouTube is perpetually regressing to a shittier state. But Chromium the browser is great, and it's the only browser I install on my Mac or Linux box when I get set up at work. I want to love Firefox like I used to, but Mozilla as a business is just about as functionally inept as Google or Apple at this point. I'm done trying to be a browser ideologue, I'm embracing post-browser realism here.
The data doesn’t show they drag their feet though. If anything FF is behind.
I genuinely enjoy Safari as a user more than Chrome. As a developer the dev tools suck. But as a user - the UI is far more minimal and nice. Every single action feels 2-3x faster, from opening and closing, tab opening or movement, etc. Battery lasts significantly longer. And I never really run into anything that doesn’t work, ever. Plus never worry about the latest hidden checkbox I have to find to not have my data soaked up. Hide my email is also dope.
The more responsive and thoughtful UI and battery/performance alone would have sold me. But the privacy and modern features it’s gotten over the last years make it better imo.
Just want to give a perspective as I feel people should update priors from 2021 “Safari is the new IE”
You said data doesn't show they drag their feet and then proceeded to present anecdote of your personal preferences and use cases while adding that thoughtful UI and battery life are the features and not web standards or the implementation quality of it nor the lack of 3rd party browsers on iOS - https://news.ycombinator.com/item?id=31902707
Sure they have recently implemented some features like IndexedDB but the data does indeed show that they dragged their feet!
They did years ago, as of late they are in fact moving faster than others. I think my point stands, they are no longer clearly behind in features, and in fact probably are near tied if you subtract the Chrome-only stuff, and take into account there's a variety of things Safari has that others don't now.
> The data doesn’t show they drag their feet though. If anything FF is behind.
Literally no? We must not be on the same page, both of the technologies I namedropped were Chrome and Firefox exclusive for a half-decade. And they're certainly not the only features Mozilla and Google agree upon; Apple deliberately gimps features that benefit PWAs so that browsers artificially cannot compete with their native apps.
> Just want to give a perspective as I feel people should update priors from 2021 “Safari is the new IE”
I'm sorry; people will keep calling Safari "the new IE" for as long as Apple carbon-copies Microsoft's Explorer strategy from the 90s. You can run from it, insist it's not true, but Apple will clutch to their ecosystem control whether it's rational or not. This is why we have to antitrust them, to stop the market from more of their irrational self-serving harms.
I mean if you do the analysis on features supported on CanIUse, Safari is not really behind in any meaningful way. There are some missing features relative to Chrome, but they actually support a number of things other browsers don't. It's not clear-cut like it was years ago. Sorry if that's inconvenient.
What is WebRTC good for? I've never understood. It probably has some use for in-browser video chats, but other than that?
I'm asking because at some point the Chrome you are praising prevented my Mac from sleeping for like half a year or more because 'webrtc has active peer connections'. I had no conferences open in the browser, just - i thought - regular web pages.
So what can you do with WebRTC behind the user's back then, and why is it moral to do it?
> Seeing someone ignore the naysayers and attempt the so-called impossible task of developing a new independent browser is awesome to see
According to Hacker News readers, the ladybird shouldn't be able to compete in the browser space. It's too difficult, the spec is too large, its competitors have large pockets. The ladybird tries anyway, because ladybirds don't care about what HN readers think.
Congratulations on the kick-off! Now that Ladybird is no longer a part of SerenityOS, will you consider a switch to a licence which not only grants, but also protects user freedoms (e.g. the GPL, MPL, EUPL)?
Also, any thoughts on having official communication channels on some open, freedom-respecting platforms, rather than Discord only?
Thanks F3nd0! There are currently no plans to switch to a less permissive license.
And we're perfectly happy using proprietary services like GitHub and Discord as long as they make our work easier and more enjoyable. We recently evaluated a number of alternatives, and found that they all introduced more friction than we were comfortable with.
Although the task of building a browser is itself challenging, we're a pragmatic project :)
> There are currently no plans to switch to a less permissive license.
Hey, just a reality check: in the event that you actually do become wildly successful, this means that others (Google, Microsoft, etc.) will be able to fork the browser and then develop it faster than you - thus leaving you behind and taking away your users! Would highly recommend leaving yourself some mechanism to prevent that, unless you're really okay with the project defeating itself through its own success.
Note they won't have to do a better job in the long run, just a good enough job in the short run to leave you behind. But yeah, as long as you're keeping this in mind :) best of luck!
Not even that sometimes, browser popularity can just be a matter of advertising (eg how chrome took off in the internet explorer offboarding era even though there were objectively equal or better alternatives at the time by just using google's internet omnipresence at the time for advertising). Sadly, modern internet is governed more by advertising industry rather than any kind of open-internet principles.
But ultimately this is all developers' decisions and I respect that. If anything, if a major company decided to take off and invest, they could do it in any case, publishing their modified source code would not make that much of difference essentially. It is really refreshing to see at last a browser that does not absolutely depend on google's resources in any way.
"Ah that means we must remove all security protections, instead of you know further strengthening security."
If older GPL failed, this means we needed a stronger license...such as AGPL, or in future something even better, instead of giving up and saying we should have just given them shit on a platter.
WebKit, the rendering engine that originally powered Chromium began its life as a fork of KHTML a GPL-licensed rendering engine produced by the KDE project for their Konqueror browser.
The rendering engine: Chromium had to be kept "libre", because khtml/Webkit was LGPL.
The browser: Chrome. could be kept closed because the LGPL allow the integration of libre libraries in closed products as long as the library itself remains "libre". In this case the library is the renering engine: Chromium.
As a counter example MacOS was built on top of decades of work on the BSD operating system and Apple is under no obligation to give the code back to the BSD project... and it doesn't.
So the most valuable company in the planet took from the community and it doesn't bother to give back.
Both companies did the bare minimum demanded by the respective license, its just that one license forces a bit more as bare minimum. Think. What does this mean?
If you use a license that demands even more, you could have pressurized the companies to behave even nicer.
Which would raise the bar for them requiring them to spend efforts writing it in house or procuring similar elsewhere. The more polished and complex a package is that is hard to find alternatives for, the better the leverage.
Yes, forced to follow. Its a sign in retrospect that KDE should have used an even stronger license. I don't know if AGPL existed then, but if I start a browser today, I'd license it as AGPL. If you want to use the project, you have to release your changes to your users. If you don't want to do that, good luck, spend millions on developing an equivalent application in house. Thats the beauty of GPL like licenses.
With BSD companies are under no obligation to release their changes, and like any self interested party, most don't.
The parent said GPL, which is what got me confused. LGPL makes more sense.
Although... this still doesn't explain why the other parts of the browser besides the rendering engine are open source? i.e. if the license was the reason, then presumably Google would've made the rest of the browser closed source, but that wasn't the case for most parts.
I’m aware. The context of dataflow’s original inquiry is of some mechanism to prevent a large corporation forking a codebase and running away with users; Google didn’t need to close the Chromium source to pull that off.
Imagine Ladybird is developed and is successful. Lots of people use it to read websites.
But then Badcorp takes the code and builds their own varient with extensions. Badcorp is big and has lots of market share. Lots of people use Badcorps's browser, and because lots of people are using it, lots of web developers code for it, including coding for its extensions.
Soon, lots of websites -- including Badcorp's own websites, and they have lots of popular ones -- use the extensions in the Badcorp browser.
Then people still using Ladybird can't use it for most websites. They have lost something.
What if BadApple takes BSD and forks it. Then they make their own BSD with extensions that only works on their own shiny fruit hardware.
What have the original BSD users lost? Absolutely nothing. BSD still exists, it’s still maintained, and people can still use it. They can also use fruit BSD if they want.
The big difference is: how important is the software for interoperability?
With an OS core, interoperability isn't really important. Existing BSD users presumably weren't too interested in buying shiny new Macs to run their BSD OS on, so Apple using BSD as the core of their OS really didn't affect them. Moreover, existing BSD users didn't need to interoperate with the new MacOS users. An OS isn't some kind of network protocol. BSD users could work with MacOS users just like users of any other OS, using existing network protocols and other standards.
The poster child for the BSD/GPL argument on the GPL side is usually Microsoft's "embracing and extending" of Kerberos. It's a network authentication protocol, licensed with a BSD-like permissive license, and Microsoft infamously forked it, creating their own proprietary extensions. This resulted in only non-MS users not being able to fully interoperate with MS users.
We do already see cases now where web developers write websites targeting Chrome-only browser extensions instead of sticking with standards. In theory, if this happened with Ladybird, it should be possible for the original devs to simply add their own versions of these extensions, but how feasible that it I'm not sure. Currently, there's Chrome-only extensions which apparently haven't been implemented by Firefox for some reason, so maybe it's not as easy as it sounds.
1. All the BSDs have been out there for decades without anyone running with it.
2. Google and Microsoft - while being a shadow of their former selves technically - are probably still very capable of reimplementing whatever they want.
3. If Ladybird gets so wildly popular, lets celebrate wildly!
Yet BSD is very alive and nobody who wants BSD is lost to Mac.
At least I personally have never heard anyone deliberating over a free BSD vs Mac.
Edit: and of course upvote. Apple ran with it. But they didn't run away with it. We still have it. Actually we have some patches thanks to them. As I mentioned in my other reply: Open source is not a zero sum game.
In a relative sense, I would argue that Apple has pilfered an order of magnitude higher value from the community than they have given back. The only example of Apple's net-positive contributions seem to be CUPS and LLVM, both of which were cross-platform before Apple took control. Compared with how much networking and userland code they've taken it feels like a trillion-dollar pittance. Even Microsoft chips in more.
> In a relative sense, I would argue that Apple has pilfered an order of magnitude higher value from the community than they have given back.
I take objection to the use of "pilfering" to describe usage of software according to the terms specified by its authors.
Or would you somehow argue that some features disappeared from BSD thanks to Apple copying their code as they were expressly allowed to in the license?
Furthermore, even if it wasn't free software but rather MS Windows or a "pirated" movie many people here would argue it wasn't theft but just unauthorized use.
They do? With what? (Besides Linux kernel drivers that are only useful for running Linux on their own VM solution.) I guess VScode, for people that use it?
CUPS is fantastic, though you're right, it was cross-platform before Apple took control.
Well, macOS is sort of BSD, but not quite. The kernel isn’t really BSD despite large sections being originally taken from BSD. The XNU kernel isn’t really BSD anymore. Then, the userland (BSD is both kernel and userland developed together) isn’t really BSD anymore, and Apple neglects their UNIX userland anyhow.
It is used in Cisco's email and web security appliance, which is also their hosted offering. This appliance was previously known as IronPort, before being acquired by Cisco.
Have you caught anyone deciding to go with Cisco instead of BSDs on their servers or their laptop?
I'm serious here: Open source isn't a zero sum game.
Partially thanks to the permissive license of BSD we now have both Mac OS and JunOS (edited: it said Cisco first), which is a good thing, not a bad thing.
The problem with Chrome isn't that it exist but that it has been forced upon us and the fact that we know they have used questionable methods to establish it as the dominant browser.
It's rather condescending of you to assume that the developers of Ladybird aren't fully aware of the consequences that their choice of license entails.
That certainly wasn't the intention. Was there really a need to turn this into a personal swipe? This is a common outcome many smart and talented developers have historically come to regret. You can find their stories all over the web, including right here on HN. I didn't want to see the same thing happen here, is all.
There are very simple game theoretic-esque arguments that many fans of BSD/MIT dogmatically refuse to acknowledge, I've never gotten a straight answer from them, zero actual data when asked for any against my argument and just try to weasel out of the debate somehow.
I don’t maintain any particularly important software, but I would be extremely happy to know that code I wrote is used in major products everyone uses; so, I prefer to use licenses that minimize the burdens on users.
Also, I don’t think intellectual property is real and so I don’t think I can make demands on the users of my code: it seems to me that there’s an implicit contradiction in the GPL between the FSF’s anti-IP stances and their attempt to control how their software is used using IP constructs.
And indeed GPL/AGPL minimizes burdens greatly on me as a user of a product, I can easily download to debug and if wanted modify the source code of the project of the company I want without involving anyone else.
Whereas if the company had forked a BSD project, there is no such legal recourse for me if the company chooses not to share the sources, at best you can hope to talk to them/pressurize them but of course that is most cases futile. As a user its much more inconvenient for me, I need to use advanced debuggers, disassemblers, etc to debug or modify. Sometimes even that does not work.
As a user, GPL/AGPL provides me far more convenience by default than "permissive" licenses do. It gives me an assurance I can just as easily see and modify the sources of any forks of the project, and if in any case such fails, its only because it wasn't strong enough, for example using GPL software in SaaS, due to which stronger licenses like AGPL were invented.
I believe in the simple golden rule, you give back to society what society has given back to you. Just like all others who gave back their changes, I trust any corporation should have no difficulty, since they are using the product of thousands of man hours for free. Not a single dollar is required, only the source code of any new changes made.
Secondly, my game theoretic argument. Lets say a powerful corpo takes your code and makes something that turns out very useful and popular. If it was BSD, they have no obligation to share anything back and your original project is left to dry and rot. If it was (A)GPL they are obliged to return the changes, and then you can absorb their changes and beat them to the punch. Its more competitive and creates a stronger capitalist environment. BSD's end state is feudalistic, GPL is capitalistic.
Also, I trust you'd be happy to have your code MINIXed, to have your code end up in closed source bootloaders locking down your new ARM laptop, and so on. At least with GPLs you get some code dumps. At least with Androids we end up with a begrudgingly shat out Linux source dump, that helps a little at least. With iPhone you got, absolutely fucking nothing, nil, nada. I am just suggesting please do not complain if BSD works ever end up creating such a world.
> Also, I trust you'd be happy to have your code MINIXed, to have your code end up in closed source bootloaders locking down your new ARM laptop, and so on.
Yes, this is implied by my view that IP is a fiction
Its a religious thing unfortunately for some developers. They don't seem to understand the concept of all entities esp large companies acting in their self interest unless forced to. They are building the noose by which themselves will be hanged, and I think it'd be hilarious to see once we finally see the current crop of MIT/BSD being used to completely lock down hardware and software. And these developers unable to use their own hobby oses anymore. I don't know if they will still see what their error was, they probably won't, as I said its a religious matter. And religious dogmatism is a strong bulwark against logic and sense.
Chrome in itself is not the problem. Competition is good. Firefox is better now thanks to Chrome.
Neither is Safari. Safari is actually part of the solution. Safari has saved Firefox and other browsers by being the only option on iOS for a long time and a better choice for many (because of battery usage) on Mac OS. Without Safari I am afraid we would all be locked into Chrome now.
The problem is that Google, like Microsoft before them,
1. used their dominant position in one market to force their way into dominating another market,
2. used various underhanded tactics to make users think Chrome were better while in reality it was just given better treatment by their backend servers and also the Googles frontend devs[1]
3. and that unlike Microsoft they still haven't got a multi billion fine for it and haven't been forced to advertise alternative browsers for months.
[1]: see various bugs[2] in everything from the core of the Angular framework to Google Calendar to YouTube
[2]: yes, I am generous enough to consider them bugs. I am fairly certain though that bugs that doesn't affect Chrome aren't exactly considered top priority.
If you're going to complain about 1-3 for google and ms, I don't think you can praise safari in the same breath.
Apple's abused their position with the iPhone to make safari relevant, and unlike Chrome and IE, users can't just install another browser.
Apple's behavior is the only reason I can't run my own addons I've written for firefox on iOS (they run _fine_ on android of course), why I can't run uBlock origin on iOS, and so on.
Apple's behavior on iOS is far more egregious than anything microsoft or google has ever done.
I never once had to run IE or Chrome unwillingly since I could always install netscape, or mosaic, or firefox.
I'm forced to run Safari, unable to decently block ads, unable to use the adons I've written, unable to fork and patch my browser to fix bugs, and I've generally had my software freedoms infringed... and if I don't run safari, then I can't talk to my family group chat (no androids allowed, sms breaks the imessage group features too much) or talk to my grandma who only knows how to use facetime.
I wish so much I could use a phone with firefox, but I can't justify having a spare iPhone just to talk to my family, so I'm kinda forced to suffer through safari, held hostage by apple's monopolistic iMessage behavior.
The only thing that comes close to Apple's behavior is Google's campaign to force Chromebooks upon children in classrooms, requiring them to use Chrome, but at least Google isn't holding their grandmother's hostage... and managed work/school devices already are kinda expected to have substantially less freedom than personal devices, so it feels much less egregious.
Maybe I missed something but your arguments seem be about how Apple’s locking down of iOS/iPadOS and Safari are harmful to user freedom. That’s a very different argument from the one the person you’re replying to was making. They were saying that the popularity of Apple’s mobile devices coupled with their only running Safari holds back a Chrome monopoly in the browser space. If people don’t support Safari they lose out on a large portion of users.
The story would be different, if Apple wasn't miserly with their native APIs and App distribution. But this is indeed a harmful and competition-restricting decision, even in Mozilla's opinion: https://mozilla.github.io/platform-tilt/
So I think we can safely assume that Apple's policy harms browser diversity by forcing their users to support a single minority option. If their users preferred a more feature-filled browser, we would never know; they aren't sincerely presented an alternative choice. If Apple wants their users to defend Safari, maybe they should invest in it until their browser (or Operating System, for that matter) competes with Chrome. Until then, they're promoting a megalomaniac solution and being a sore loser about it at the same time.
> You mean the company dominating the internet heavily promoted and pushed users towards its own browser.
If the company dominating their hardware did any better, maybe the majority of them wouldn't leave Safari. If Apple doesn't want to build a competitive browser, then they need some (non-anticompetitive) strategy to retain their users. Otherwise we're doing the Microsoft Shuffle again.
> Where by "feature-filled" you mean "all the Chrome-only non-standards because free market or something"
No, at this point I really do just mean "feature-filled". iOS has notoriously restrictive APIs and it makes full sense that those users would want a browser do do the things Apple prevents their iPhone from doing natively. At the rate Apple's heading, I wouldn't be surprised if next-gen iPhone apps were just PWAs that hook into WebGPU. Big-business has no reason to keep living under Apple's thumb, and market regulators can't justify it in Europe, Japan or even the United States.
> If the company dominating their hardware did any better
Apple doesn't dominate all of hardware. Google, however, dominates major access points to the internet, and used it to aggressively promote its browser.
> No, at this point I really do just mean "feature-filled".
I doubt it
> iOS has notoriously restrictive APIs and it makes full sense that those users would want a browser do do the things Apple prevents their iPhone from doing natively.
Ah. So you are talking about Google-only non-standards
> I wouldn't be surprised if next-gen iPhone apps were just PWAs that hook into WebGPU
Android has been the dominant OS for over a decade now. It has no real or perceived limitations of iOS. We've yet to see a single amazing PWA future we hear so much about.
> We've yet to see a single amazing PWA future we hear so much about.
Then maybe it's time you gave Android another try. Chrome runs on mobile just as well as it does on desktop, so any of the web apps you use on your computer work fine on phone too. It makes modern Safari look like a tofu browser substitute by comparison.
> Then maybe it's time you gave Android another try. Chrome runs on mobile just as well as it does on desktop
So?
> so any of the web apps you use on your computer work fine on phone too.
So where's the amazing PWA future we hear so much about. All the "amazing web apps" we hear about are shitty slow bad monstrosities that can barely display a few lines of text without jank.
The very few actual great apps which are made ad great engineering effort and expense (like Figma) don't run in full mode on mobile for obvious reasons.
So, my question remains and you haven't answered it.
Edit: There are some web apps here and there which are surprisingly good. E.g. I'm quite impressed by Foodora's app. And it runs well on iOS, too. However, 99.9999999% of the "great PWA future" is just garbage despite the "Chrome runs just as well on Android".
Although Orion also has built in a (simpler) implementation the most important Firefox for me and I assume many others, tree style tabs. Orions built in version doesn't have the full customizability from TST but it works and presents tabs nested by what tab the descend from which is the most important feature.
Kind of in in the same way that people are thankful for Churchill: not because he was a fantastic man in every way (he wasn't) but because he saved us from something even worse.
If you have to convince people that you are seriously telling the truth, you are probably making an unproven assertion that relies on many benefits of the doubt.
Yes, and the commenter claims that in this context this is actually good because it halted chrome/chromium's dominance in the internet (and I actually agree). It may sound paradoxical, but context is important imo.
I even thought it wasn't necessary to test them separately but I recently heard from someone with more and more recent experience that some differences exist, particularly around prefixed css attributes. Can't say for sure though, but that was why I wrote my comment above somewhat defensively.
EU law does force them to advertise alternative search engines. I just updated Chrome on my work laptop and they gave me a slate of search engines. My Chrome defaults to Brave Search now.
A: "Hey the measures we took weren't enough to prevent the abuse?"
B: "Ah I see that means we should just give up all measures, instead of you know advocating for stronger measures or anything else obvious and logical like that."
This only means we must start any projects today with stronger GPL or similar variants such as AGPL.
You had a security breach, despite using a better set of technologies and techniques.
During the postmortem, you suggest this means we should give up all security or just use the weaker solution, since its all the same, the server would have gotten breached in either case.
Instead of advocating for building a stronger security.
"Better" is a subjective term. I would probably stay on OG Ladybird if it meant MS/Google-ified LB starts screenshotting/OCRing/Uploading/LLMing all the data, even if it were to become faster and more slick.
Slow computing it's sometimes called [0]
I sometimes experience some friction (really acceptable though) on Firefox, it has never lured me to Edge of Chrome. Some people have standards you know ;)
License "permissiveness" is a relative concept. From the point of view of the users of your software, the GPL is more permissive than MIT, since they have permission to see the source code. If you release software under MIT or BSD licenses, you allow middlemen to strip this right to users of your software.
> you allow middlemen to strip this right to users of your software.
That's not true.
Somebody can take the source code and build something closed on top of it, but the original code will be already free, and you will always have the right to see it.
For example, PlayStation OS is based on FreeBSD (AFAIK). They took it, adapted it and added a lot of stuff. Did you lose the right to see the source code of FreeBSD ? No. Can you see the source code of PlayStation OS ? No, but you never had that right, so you have not been stripped of anything.
GP is clearly talking about this is the same context that the GPL does. This is a decades-long running debate and it isn't as simple as you and the sibling commenters are trying to make it.
Of course it doesn't change the original project. But when people take the codebase and build a new product on it, what GP says is absolutely the case. The devs can withhold all code and rights to it from the next user. This is most commonly an issue when it comes to libraries rather than end products, but not always.
It doesn't also have to mean that the original project dies or disappears, it can just rob from their growth potential. Examples are quite easy to find. There's been a big hullaballoo over cloud providers taking open source projects and competing with them by offering managed versions of the service that are well-integrated into their ecosystems. Economically this is also a problem because the cloud provider can then undercut the price of the managed service compared to the official one since they aren't bearing the burden of building/maintaining the codebase.
I'm by no means against "permissive" licensing (MIT, etc), I think they have their time and place just like GPL, etc, but I am against dismissing valid concerns with shallow replies.
I think it will come down to distribution. The current crop of browsers are already open source and available. I'm not sure that a closed fork will really work for much or be a significant risk.
At least not now or the foreseeable future. I also don't think community support would work towards that.
I'd favor the more permission mit/isc as long as reasonable myself.
as you said, this is a decades-long running debate, and pretty much every argument has been heard, ad nauseum. That makes this "valid concern" a pretty low-quality reply.
The first freedom that GPL-lovers have is whether or not to use the project.
Is a PlayStation user a FreeBSD user? Yes, clearly. Can he see the source code of the FreeBSD derivative he is using? No, obviously not. Did FreeBSD make this possible? Yes, obviously.
> If you release software under MIT or BSD licenses, you allow middlemen to strip this right to users of your software.
No you don't. You're being extremely disingenuous with this phrasing. No matter how many other parties take the source code and make a closed source product out of it, the users of your software will always have the same rights you granted them to begin with. No freedom has been lost.
And before you say "but your users won't have the same rights to the derivative works", that isn't a loss of freedom. They never had those rights to begin with, therefore they cannot lose them. Not gaining something is not the same as losing it.
That is a complete nonsensical claim & willful attempt at spreading misinformation:
Permissive licenses doesn't grants you less freedom than GPL, infact it grants you more because the user also has the freedom to modify source code without being enforced to make it public.
Companies copying the codebase to their propietary ones won't automatically strip right of users, licenses don't work like that, the original codebase will still be fine. Whether said companies will contribute back is irrelevant.
You can copy GPL code, modify it and use it personally and nobody is going to care unless you’re making tons of money. The entities pushing for MIT style licensing are massive and for profit.
> The entities pushing for MIT style licensing are massive and for profit.
I license all my stuff with permissive licenses because (in my opinion) they are more free than the GPL and such licenses. I don't have any massive for-profit company pushing me to do so. Mr. Kling is also not a massive for-profit company, he's just a guy making the software he wants to make. Your argument is in very bad faith.
I don’t think you’re pro-slavery, but I do think you picked a metaphor not for the light it sheds on the issue, but the heat—and then preemptively dismissed a strawman objection to it instead of, say, improving your own communication.
The parenthesis was an edit that I put after receiving downvotes.
I think the comparison is correct, in that who claims copyleft licenses are less free only considers their own freedom, not that of the society as a whole.
And it seemed a good example since most people will have heard of that, if not studied it in school at the very least.
I'm guessing you're being downvoted for comparing software to slavery. Generally speaking, the modern society seems to have forgotten that the world isn't binary - you can make comparisons and have similarities that are far apart on the spectrum so aren't equalities, but can still find informative meaning.
But to your point, this exact argument was used by top southern politicians to justify slavery! It was the freedom of the slave owner, their right to own property, that justified slavery. James Hammond famously made this argument to congress shortly before the Civil War broke out. If this is interesting to you, Eric Larson just released a great book called "The Demon of Unrest" that covers this.
The point is understood, but it is a problem with copyright laws, and not only with the license.
This is why I had suggested before, that if you cannot just abolish copyright laws, then to make the license which will allow freedom except that it cannot further restrict anyone by further copyright. No attribution is required, no notices of changes are required, etc; the only requirement is that any further restrictions you claim on your version will be invalid. This is therefore effectively similar than as though you did abolish copyright laws, but only this program. (However, for practical purposes, I had allowed to (optionally) relicense by GNU GPL3 and GNU AGPL3, although only if you are able to follow the terms of those licenses (e.g. having the source codes available, knowing who wrote the original code, etc).)
I would say that the users are the slaves. Without GPL software, we could end up in situations where hardware vendors stop shipping software updates, so we are slaves to capitalism by having to buy things we shouldn't need to buy.
This goes hand in hand with right to repair in my opinion.
I think permissive here is a technical term, and is being used correctly from a legal perspective as far as I understand although I am not a lawyer. The GPL is less permissive than a BSD or MIT license because it places more restrictions on the licensee. This is a legal fact and not a matter of spin.
If you look at the parent comment directly above in the hierarchy, it is pretty clear that they are talking about a company coming in and taking it, adding stuff to it, and calling it their own browser. I think you have to try pretty hard to read in that GP is saying that the original source code license would be changed.
Indeed. This is something I could see myself contributing to (or attempting to, anyway), but as soon as I saw Discord+Github, I lost all interest.
Github I can understand to some extent, it's a convenient temporary staying place until they can afford, community-wise, to move to something truly open, but Discord? In this day and age?
Discord IS the platform of this day and age, what the hell are you talking about? You might not like Discord for whatever reasons, but trying to make it sound outdated or legacy is very weird sounding.
There was a hype for discord about 5 years ago for EVERYTHING - discord servers were made for every little thing and there was little to no objection about it.
But in recent times, I have seen many people complain about the lack of searchability, discussion-thread management, and other stuff in Discord and moving away to forums, especially for software projects. There is definitely a lot more disgruntlement with Discord today, so their statement makes sense.
It is the platform of this day and age much like Instagram or Xitter is. Doesn't make it very smart for FOSS projects to be using it for their primary coordination and communication.
That doesn’t seem like a nonstarter if the goal is to have public conversations. While I certainly agree that E2EE could be very valuable to some of discord’s use cases, I expect there are a lot of valid use cases for public discussions in open source projects where E2EE would not be an improvement at all.
IRC. And for slow discussions with long messages, you can use NNTP.
(However, GitHub is accessible by git in case you only want to download the repository, regardless of what else they do; however, having multiple mirrors on other services as well can be helpful)
Better but a the real alternative is what we had before: publicly visible forums, mailing lists with an archive, etc. I'm not going to sign up for your discussion group without being able to get a feel for the community first.
Indeed. There can never be just one platform for project communication, because there are different kinds of communication - mostly sorted between synchronous and asynchronous.
So, IRC, Matrix (these can even be interconnected) for synchronous, mailing lists or forums for asynchronous.
And of course issue tracker, where some topical communication can happen as well, but that could completely be covered by mailing lists.
There's no reason to ever have anything non-open in your FOSS project's infrastructure.
"There's no reason to ever have anything non-open in your FOSS project's infrastructure."
Except, that it is easier to set up? What you describe sounds reasonable. But someone needs to set all that up and host it and needs to be trusted etc.
So I guess if many people get involved and do set this up, they would convince the rest of the team to join them. But right now it is just a demand for more work for them.
You are correct, of course. If the project leadership does not see a value in using open infrastructure, of course it would look like additional (and unreasonable) demand. It's up to them.
Would you volunteer in setting up a forum for ladybird and host it and can you convince Kling and co. that you will be around to host it for the next years to come?
Because that is a project in itself and as much as I despise discord, I understand why they just went with it.
If I had a serious interest in the project (more than, say, maybe sending a patch here and there to fix my pet peeve), I would definitely volunteer for something like that if there was a demand. That's something I quite enjoy, and am reasonably good at, I think.
And as for me being there for years to come, who can say that for sure? I would absolutely try to. For that matter, will Discord still be here next year?
"For that matter, will Discord still be here next year?"
Probably way more likely, than a random volunteer. Kling said they used discord because it was easy. No energy spend there. Migrating the communication structure is work and energy. Friction.
But so far I also did not followed developement closely, because I did not set up discord yet and do not really want to. But I realize I am not in the majority here and I do not think I am in a position to demand anything here. Your words sound a bit like demanding something.
Not demanding, sorry if it came out like that. :) Just a bit of constructive criticism.
As for random volunteers disappearing, the protection against that is easy - increase the bus factor, by multiple people having necessary access, and by keeping your infrastructure documented. This should be table stakes for any project that becomes even marginally popular.
Then, if a random volunteer disappears, things might slow down due to lack of manpower, sure, but not come to a screeching halt.
You can't increase bus factor with Discord, since it's out of your control.
"As for random volunteers disappearing, the protection against that is easy - increase the bus factor, by multiple people having necessary access"
That is not easy. It works till the first drama and then some angry person deletes it all, or changes and takes the keys with them. So you have to really take care who to trust.
"If the project leadership does not see a value in using open infrastructure"
And I do not think he ever said that. He just said it was easier this way for the moment. Not that discord is meant to be the solution till eternity.
Sure, nightmare scenarios can happen, but how often do they, really? There are many successful FOSS projects who have teams of volunteers taking care of infrastructure in this way for years, if not decades, and how many bad situations have we had overall?
Simply put, this approach is proven to work. We can always "butwhatif?" ourselves into a corner and get paralyzed because of that, but it's senseless.
It is not a nightmare scenario, but a pretty common human thing to make drama.
So I totally agree, that there are tons of examples where it worked and in the long term I also think they should switch to something better, but for the moment I see why they don't, as it is working for them as it is.
Agreed, Discord is a terrible platform and I wish people stopped using it. I expect in the next five years or so it'll undergo a very rapid enshitification and people will start using other things after that, but by then we'll have a decade of lost content.
Ditto. Discord is fantastic platform to use and I'm a member of so many interesting communities across a range of subjects, but it does seem so very precarious to rely on the company to keep it going as it is.
This is a welcome initiative speaking from a personal and professional perspective, and as CEO of an independent search engine; we are all too well aware of the power of money and defaults.
This immediately comes to mind as akin to the Signal vis-a-vis WhatsApp etc. Here there is an obvious reason to use Signal and a well-understood proposition. What might it be for Ladybird? And how will you differentiate?
To be honest, we are so far behind everyone else today that we're 100% focused on catching up technically, and not thinking much about differentiation. :)
That said, I do think we'll find ways to differentiate given our uncommon situation with no ties to the advertising industry. This gives us the ability to experiment with privacy measures more aggressive than others may be comfortable with for fear of losing funding, for example.
With no ties, direct AND indirect, that does make Ladybird uncommon, like Pale Moon.
Our own approach to privacy is as radical as it gets in search: "No Tracking, Just Search". As we often say: tracking, not ads, is the fundamental problem. Contextual ads do not need necessarily to have tracking. Though the duopoly of search ad networks makes that a hard road too.
Good luck. Excited to see how Ladybird progresses.
Well, your tie to the advertising industry is that large parts of the web are funded by advertising. Get too anti-advertising and servers will just treat you as an ad blocker and find ways to stop serving you.
That’s what they pivoted to after being expelled from Mozilla, but that wasn’t the original goal, was it? It’s the safer(?) one they turned to when the job security evaporated.
(Not sure if that changes anything, just feel obligated to point out the retcon here.)
Agreed, I really hope that someday we'll get a full rust browser, because rust is a language where I could see myself contributing (e.g. fixing bugs that annoy me when using it all day) to it, compared to other languages like C/C++.
Re better embeddability, sure. As best as I can tell the Firefox devs have been feeling some amount of dismay due to the fact that everyone embeds Chromium/Blink, despite the whole Mozilla/XUL thing having been built more as an application platform rather than as a foundation for one specific web browser. And that’s entirely understandable, as is attempting to do better on the second go-round. But now it seems that Servo is explicitly targeting embedding and -adjacent use cases only, and that’s a post-Mozilla thing.
Re “safe”, I meant that targeting the embedding usecase is safer in a social and project-planning way, as in smaller probability of other people calling them nuts and greater probability of getting something usable in a finite amount of time. Which is fair enough.
> as is attempting to do better on the second go-round
You seem to be under some impression that Servo before Mozilla layoff and after Mozilla layoffs are the same? They aren't. I mean, the code is a continuation of effort, but the people who worked on it before and after the Mozilla exodus aren't the same.
Servo originally did have the same goal of better embeddability, but after it's resurrection it's only the same by mostly coincidence. Sponsors (Tizen IIRC) wants a fast embeddable browser. That's about it.
If there is a difference between how specs define something, and how browsers behave (and website expect them to behave), will you choose technical correctness or websites actually functioning?
Technically this has been the big problem of HTML5 vs XHTML, and "technical correctness" lost to actual usability.
It depends on what you mean by “Mozilla’s fate”. In general, we are setting a much narrower goal than Mozilla and hope that focusing on only browsers will allow us to keep things simple and more sustainable financially. :)
Mozilla is dependent on advertising money from Google, is that only because they ventured in other directions? I'm not intimate with their finances, but it seems just building a browser is a large enough - expensive - R&D effort.
I think it's the other way around. They determined that to become less reliant on Google for revenue they should explore other directions, and that hasn't been very succesful.
Though I don't fully understand why pulling funding for new browser technology was part of their strategy going forward. Servo was one of the projects that made me excited about using Firefox. I bet that big announcements about moving Firefox to Rust would have consistently bumped usage numbers. As much as people voice their opinions about the RiiR movement in the comments here, it's clear people love those kinds of projects just for the technical novelty. I know I do.
You personally I believe without reservation about this, but the thing about creating a legal person is that it’s separate from you. Its control can—and in the long run, will—change hands. So please, please write this down somewhere, ideally somewhere binding on its future (can donations have conditions?).
Despite that, I hope you'll consider a "pay what you can" popup when downloading the browser, or a donation button built into the browser settings page along with a one-time reminder, or something like that. I don't think that would be monetizing your users in any negative, extractive sense like ads do, it would still essentially just be a donation, just asked for in a more obvious way and made easy and convenient to do as part of using the app, instead of a vague separate thing that'll take work to find and that won't occur to most people to do. Personally I think charging users for software (as long as it is also FOSS) is totally fine, it's probably the only sustainable model for software that isn't ads or corporate sponsorship, and it actually serves to align the incentives of the software's developers more closely with users, instead of doing anything bad, but I respect that line.
I wish you luck, more competition in the browser space is sorely needed. But please, please spend more time thinking about your finances. The surface of planet "Startups That Will Figure Out A Business Model Later" is like 99.9% graveyard. You're going to be asking people to depend on your software for an extremely important part of their lives. If you don't have a path to sustainability, you're going to do a lot of harm when you close up shop.
Between the lack of a business plan and your responses about licensing, I'm afraid I feel you're coming at this from a naive point of view. This is a seriously important line of software you're entering, please do take some time to take it seriously.
Will watch your progress and again, I genuinely love to see your project. Good luck.
A non-profit foundation taking donations is a "business" plan and IMO the only one that has a chance of building a true user agent in the long run. That doesn't mean that it is guaranteed to succeed but I don't think there is a better funding option thatwon't come with conflicting incentives.
No, "people give us money" is not a business plan. When you're starting a business (yes, non-profits are businesses) and employing people, you need to be thinking about marketing, user acquisition & conversion, pricing structures, corporate sponsorships, and so on. I know it's not as much fun as programming, but neither is eating out of your neighbor's trash because you can't pay your bills.
It is a non profit foundation. Not a buisness. And so far they managed quite well to get funds without all the buisness plan things you want them to add.
Mozilla went that route and many are not happy with that.
So I am really happy for Kling and the project, that they managed what many others only dreamed about. Focusing on developement - delivering - building trust - getting funds.
Why do you want to change the plan, when it is working?
I'd add that fundraising has worked well for the Wikimedia Foundation. They're taking in around $175M/year via donations. That isn't the nearly $500M/year that Mozilla gets from Google, but it's still a ton of money.
I don't know if people will donate for their browser like they donate for Wikipedia, but if it's able to bring joy to people, it could be pretty sustainable. Even Mozilla takes in $10M/year in contributions.
I'm not sure Mozilla is a good case for a lean software project.
If they didn't give their CEO $7M per year, spent money acquiring businesses like Pocket, gave up their braindead attempts at monetizing user data while simultaneously running bizarre tone-deaf "free internet" studies, and just focused on the browser and improving the development experience (is there a worse open source project than Moz??), they might fare better.
I've heard Andreas Kling say that they will not accept donations that have strings attached. This means they can never sell search engine placement to Google for instance. This is what ties Mozilla to Google.
That's right. The Ladybird Browser Initiative will only accept unrestricted donations. We're missing out on a fair bit of money this way, but we believe it's the right path for us.
I think he's saying precisely that they won't, and I support this. What is issue sponsorship but a donation with strings attached? It would mean ceding control of the direction of the project's development to the highest bidder.
I believe that's also what the Zig Project is doing. I hope that this sort of thing becomes more common, as browsers and programming languages (and many more things) really are things that we should have as "common goods" that don't have the interest of a corporation before the interest of users.
Look, I am as annoyed as you are with the constant barrage of "rewritten in Rust" projects, but if Mozilla did not try various other projects that are not browser, there would be no Rust.
Rust wasn't a Mozilla project per se, it was something a person who happened to be working for Mozilla was messing around with and it got internal traction.
But I'm actually ok with a lot of the non-firefox projects that they have like the VPN.
What I do have an issue with is the foundation, throwing money away at various projects that have very little to do with making firefox better. From "trusworthy AI" research grants to giving 387k to the Mckensie Mack group or 375k to the New Venture Fund (I get Mozilla are lefties but what does this have to do with Firefox?) plus some other organizations that I can't even tell if they aren't just money laundering fronts as they don't appear to actually do anything.
That and the C-Suite being complete parasites. The CEO of Mozilla corp makes almost as much in a year as the Mozilla foundation makes from donations.
Remove the parasites and the senseless spending of the foundation and you could develop Firefox with the ~20% of revenue that doesn't come from Google.
Also the Mozilla originated Fluent project for localization is another example of a stand out approach. It would be interesting to see how localization fits with the Ladybird browser project as a whole. Making use of a custom implementation of Fluent might actually be a good way of moving forward.
Do people actually use Fluent? When I showed it to some professional translators, the reaction was along the lines of: “Hmm, interesting, but does it fit into my existing [roughly speaking XLIFF] tooling? No? Then no.” More generally, a technical translator’s flow is turning a table of strings into a table of strings with minimal distractions and the occasonal look at the reference; I’m not sure Fluent—however nice it looks—facilitates that.
Mostly not, but the formats and limited available tooling is designed to dovetail with existing offerings. Adoption is extremely low despite fairly easy implementation of most features.
Really? So if the software I want localized uses Fluent, do I have ways to work with translators who use Trados or Transit or Déjà Vu or memoQ or whatnot? My initial impression was that Fluent’s data model is way, way too fancy for any of these (or for interoperability via XLIFF or TMX, imperfect as it is), but I’d be happy to learn I was wrong.
If I recall correctly, Rust was born with building a browser engine in mind, or at least it was one of its earliest motivations. So Rust would have been a thing even if Mozilla had focused on their core product.
>So Rust would have been a thing even if Mozilla had focused on their core product.
Plus, while Firefox is their main product, it's been decades since Mozilla has been solely a browser company. It's like saying Microsoft should stop making Office because it detracts from their OS business. Companies can make more than one product. Some of those products are going to have shorter lifespans or smaller userbases than others and that's OK.
I use Firefox every day, but they have lost so much market share that they have become pretty insignificant. They seem to have an oversized and poor management with fat paychecks.
Don't know about oversized, it felt partly more that eg. Baker was mostly interested in Mozilla as a platform for activism, not in making a good tool for users. The new interim CEO seems to have breathed life into actual browser development.
The new interim CEO has been there for such a short time that she can't possibly have breathed life in anything (she managed to get sued by the former CPO for health based discrimination though, so there's that).
You can get sued by anyone for anything, but my read was that Mozilla's board intentionally wanted to avoid promoting from within because they fired Baker in order to try to change things. The first thing he was asked to do was lay off a bunch of people from the product team, and the complaint also says that Baker was removed suddenly (despite her characterizing it as voluntary) [0]. The board that just fired her can hardly be expected to follow her recommendation for who should be CEO next, and it seems that they weren't happy with the way his org was structured either.
We'll see what happens as the lawsuit unfolds, but I'd be pretty surprised if there is proof that the discrimination was health-based and not due to the fact that he was the CPO who worked with Baker during whatever it was that made them decide to fire her.
[0] From the complaint:
> The board decision to removle Ms Baker was so abrupt that they did not conduct a search for a successor, resulting in the naming of one of their own board members, Ms Chambers, as interim CEO.
> we have almost half a million lines of modern C++ to maintain. ...We are actively evaluating a number of alternatives and will be adding a mature successor language to the project in the near future. This process is already quite far along, and prototypes exist in multiple languages.
What languages have prototypes and where can I learn more?
Whatever language you end up choosing, I hope it will be a memory safe one. Browsers' main purpose is to interact with the outside world, and they even have to run third party code (JS) all the time, so minimizing attack surface would go a long way I think
My favorite type of discussion! Language choice would seem super important long, long term and could provide long run advantage over other engines. Given the goals and philosophy of Ladybird zig seems like a complementary choice, and headed in the same direction in terms of community and freedom. And Perhaps just a sprinkle of something more verifiable than zig on the edges where correctness and safety are super critical. Have a look into tigerbeatle (https://github.com/tigerbeetle/tigerbeetle/blob/main/docs/TI...) and their philosophy.
I wonder if they are thinking Swift - their C++ interop is still pretty new and has a way to mature, but it’s designed for exactly this [1] (we should expect Apple to start doing it with WebKit and other big C++ projects, even perhaps LLVM).
1. Legacy hardware support.
Is it a goal for Ladybird to build for 32-bit and big-endian CPUs out of the repository?
2. Electron.
Do you have any plans to work on an Electron alternative based on Ladybird further down the line?
No free Electron alternative other than Sciter seems to use the same browser engine on all platforms.
There may be value in one that implements the latest web standards.
1. We are not focusing on legacy hardware support. Given our release date is far in the future, we are mainly targeting the kind of devices most people will have a few years from now.
2. No concrete plans, but it's not outside the realm of possibilities.
"2. No concrete plans, but it's not outside the realm of possibilities."
Sounds good. If it also makes it into Serenty OS eventually, it would suddenly make Serenety OS a lot more accessible and useful for way more people. But I think you are aware of this and also of the challenges.
Building a working browser is hard enough on its own.
Maybe item (2) is more up Servo’s alley than what Ladybird is trying to do? Servo seem to be focusing on making an embeddable engine, Ladybird is intended to be a full browser…
We're building one of these (out of a mix of servo, rust ui ecosystem and custom components). It's still pretty early (an initial alpha-quality 0.1 release is planned for the end of this month). We're planning to have a high standard of support for CSS and anything related to rendering, but we're not planning a JavaScript engine (although one could be added) with scripting being directly in Rust (with a Rust-based React alternative).
I thought someone might would take issue with it. :-)
I didn't qualify "legacy" for succinctness and because I have a sense Power ISA users prefer ppc64le.
It's been so refreshing watching this project blossom from literally almost nothing. I wish you success :) Hopefully I can contribute at some point because I think this browser has the best chance of shaking up the monopoly, and I want to daily drive it.
We have a number of big challenges in the immediate future, but I think the biggest one of all will be the long tail of compatibility and correctness issues that inevitably awaits us after everything falls into place.
This is definitely more than a hobby at this point. I already manage 3 employees, with 3 more joining in the next month!
I hope that you continue your herculean efforts to investigate the specs and insist on correctness; the resulting implementations, dug up inconsistencies and edge cases will undoubtedly be of independent interest and invaluable to the community.
> We have a number of big challenges in the immediate future, but I think the biggest one of all will be the long tail of compatibility and correctness issues
No kidding... how about get it roughly working on hacker news, and make it the hackers way to start each day, and pull in as much help and community as possible from here?
Andreas you and your story and your passion for the open web and open tech and your merry band of hackers are going to save the web. Bravo to you and the community that is helping to pull this off. I’ll be donating to help.
Here’s hoping one day I can move to LadyBird and leave the others behind.
Are you working full time on this now? How many people are working on it and about how much time per week are they able to do? Is this expected to hold steady or do expect changes over the coming weeks, months, or years?
Not trying to pry into your personal lives, just wondering because there's a lot of meaningful information behind the answers to those questions.
Yes! I'm already working on it full time, along with 3 employees. In the next month, we are bringing on 3 more.
Given the limitations of our funding model, we won't be building a huge team, but rather a small team that allows us to maintain a runway of at least 1.5 years. :)
Where on the roadmap is GPU compositing? In modern browser programming, I kind of take for granted that I can control the rendering “layers” and certain CSS properties, like “transform,” will be accelerated.
Edit: In Blink, the layer/compositing system extends to SVG elements inside SVG tags, as well, and in WebKit, it doesn’t yet, but there is an active years-long effort going back to 2019 that will eventually land: https://youtu.be/WxqJFxiprrU?si=dhQIgW1V4yS_Ca4s Compositing and using the GPU seems like a complex but important part of rendering in a browser, and a case where it could be good to implement the kind of system that other browsers have arrived at after years of iteration, when it comes time to do so.
> Where on the roadmap is GPU compositing? In modern browser programming, I kind of take for granted that I can control the rendering “layers” and certain CSS properties, like “transform,” will be accelerated.
AFAIK there's some support for it already, but it has to be enabled explicitly with --enable-gpu-painting. I can confirm that with that switch Ladybird can do 3D CSS transforms (which don't work without it).
What’s the biggest technical challenge you envision in the future? It’s the amount of “standards” you need to implement and maintain? What’s the JavaScript engine situation?
There are a ton of standards at a glance, but when you look closer, you realize that much of it isn't implemented by other browsers either, and you only need a fraction of it to render 90%+ of the web. The last 10% will be a huge challenge, but we've got a long way to go before then.
The JavaScript engine is our own LibJS, currently sitting at 94.3% pass rate on https://test262.fyi/ (although the number might be a little outdated, it's supposed to be higher! Need to investigate this..)
Finally get out from under Google's thumb. As soon as Ladybird is half as good as Firefox, then this is reason enough for me to switch. I've lost faith in Mozilla's leadership, and I believe the root cause is the Google money that they rely on.
That's never gonna happen without substantial funding because a modern, remotely feature parity web browser is a gargantuan project even if every developer is a genius. Chromium and Firefox sit at 30 million/20 million lines of code respectively, modern web browsers are basically operating systems.
Mozilla doesn't rely on Google revenue because they love Google so much, they do so because they have hundreds of engineers to pay. A million dollars sounds like a lot but that pays for a handful of engineers for a year. That's not going to get you to 5% of Chromium or Firefox.
Are you aiming for 100% compatibility with modern web standards or are you aiming for some sensible subset of it?
It seems to me that a large volume of code in Blink deals with obscure features with relatively niche use cases (such as WebRTC, WebUSB,WebGL, WebAudio and so on and so forth), which would mean a large amount of programmer effort for very little user-facing gain.
Additionally, in these areas, web standards tend to say 'whatever Chrome does', with FF often lifting large parts of Chrome code to support these features. Even if the above wasn't true, in practicality it is, since all clients are tested against Chrome, you'd need to follow all its quirks to have your browser be compatible.
Are you planning to do a clean room implementation of these features as well?
>niche use cases (such as WebRTC, WebUSB,WebGL, WebAudio and so on and so forth)
WebUSB is a lot more common than one might think, but I mostly see it used in music gear. Companies like Novation use WebUSB to facilitate firmware upgrades, backups, patch management, etc with their synthesizers and workstations.
Its pretty much a necessity for me at this point so that I can remain OS agnostic and still manage my gear.
Fantastic - I’ve been using a bootleg wrapper of your browser for awhile now. Fair seas ahead!
I also have a personalized build step on our pre-production web app that launches the site in Ladybird for my host. It’s been awesome to see the browser lock in functionality along with our own progress.
I remember watching one of the early videos of you starting working on the browser, and you said something along the lines of wanting a browser that was sort of a dumb renderer - one that didn't attempt to be a whole Operating System.
That was a long time ago indeed! To be honest, I think I was partly saying that because I was scared of the idea of supporting the entire web platform. It seemed so far away at the time. :)
Going forward, we want to support the open web as it exists, so you can actually use Ladybird to interact with all your websites. We may not agree that every web platform API is awesome and perfect, but we will honor the open standards to the best of our ability.
That’s right. A version of Ladybird remains in the SerenityOS repo, and people are cherry-picking changes as we go.
Over time, I expect them to diverge enough that this becomes impractical, as Ladybird now allows 3rd party code while SerenityOS does not. It’s up to the SerenityOS community how to handle this.
What's your point of view about quirks as you can find in other browsers and how do you plan to handle websites that rely on unintended browser behavior ?
These days, all major browsers are taking interoperability very seriously. There’s even efforts like the annual “Interop 202x” where people vote on which interop bugs browsers should focus on fixing.
We benefit greatly from this of course, and we will do what we can to contribute when we’re mature enough!
That said, there will always be websites relying on bugs, and for that we will need a way to selectively emulate alternate behaviors in some cases. We are looking at a few different solutions for this but it’s not a huge priority right now as there are far lower hanging fruit in front of us.
Thanks!
Good luck with your project, this single-handedly gave me back faith in the modern web when I found out a few month ago about the progress you guys made since I last saw it
Bravo Andreas, and thanks for working on keeping the Internet neutral. It's a thankless, titanic effort against the Goliaths that want to make it their playground, and us their loyal subjects.
Can't wait for the day I can drop Firefox and use Ladybird full time.
You are spending far too much time online if three neutral words sound like being "pretty upset" to you. There's grass to be touched outside. No one really cares.
You should find a better hobby than getting offended because people that have a different world view than yours. Part of growing up is learning to deal with this fact.
Q1: given that all browsers support non-standard functionality (e.g., CSS attributes not ratified yet, etc) - how will you decide which non standard specs you’ll implement and which you won’t?
(or will you just use Chrome as a reference spec and implement anything it implements?)
Q2: what is your “guiding principle/mission”? Is it to be the fastest browser? The most privacy centric browser? The only 100% standards compliant browser? etc…
—-
Super excited for you. Wishing you the best in this and hope you change the world for the better.
I am a bit confused by the question. Why wouldn’t all commonly used defacto standards be supported? Or are you talking about obscure standards which no one uses?
Any browser that doesn’t display normal websites normally will never achieve mainstream usage. Who willingly handicaps their software?
Will you use Vulkan when it comes to gpu accel or OpenGL?
Will you make better adblocking capabilities by embedding faster checks and rule engines/lookups in c++ than what we have now?
How much can people who do not contribute code affect development? In terms of requests suggestions? E.g. if I would suggest to skip OpenGL and use Vulkan (so basically defining a limit on how old should the hw be), would this be even considered?
Hey please be sure to design and at least mock out a way to host/run a collection of local LLM models in a generic manner. You could give the models access to context/content/history and to bubble up functionality within the browser. I can see tons of potential for something trusted and local which I'm comfortable giving full access to browsing history and not owned by big tech.
This could be key differentiator over other browsers.
I agree, though this does not seem like something that should be built until the browser is at least usable, which currently they're projecting an alpha release in 2026. By then things might be totally different, so don't architect yourself into a corner with it, but I also wouldn't invest much or any time into it right now. Focus on building good APIs/extension points though, and those will be immensely useful whether for local LLMs, extensions, or anything.
Yeah, wasn't thinking about actually building it out, just mocking it out and taking into consideration to allow for it as you build out browser. So much easier to plan for rails, rather than foist into something later on.
edit:
> Focus on building good APIs/extension points though, and those will be immensely useful whether for local LLMs.
I think we're saying the same thing, focus on good extension points for the local LLM use case.
Do you see Ladybird beating the incumbent browsers in any dimension .e.g. performance, usability?, security, etc?
Personally, I much prefer developing for the web than native so if there were APIs exclusive to Ladybird it might create a nice virtuous cycle of developers targeting Ladybird to do new things and users using Ladybird to try those new experiences.
As someone who has very little experience working on a browser, but is interested in helping, could you possibly recommend where a dumb dude that wants to help could get started?
There's probably a huge influx of people trying to get involved now, which probably really complicates and muddies the waters right now as well.
Would be awesome to have the UI/UX of arc with non-chrome browsers! It's the most productive browser ever, with the spaces and the bar on the left. Safari doesn't come close I'm afraid, as it closes all the windows when switching a space
We’re always open to new developers! Find a website that doesn’t work right, then try to figure out why, and see if you can fix it :)
The best for a beginner is usually to start with some simple page you made yourself, since you know how it’s supposed to work, and can debug more easily.
And come join us on Discord, there are new people getting into the codebase all the time :)
Just wanted to add a note for the roadmap: Please make sure it can compete with Safari on battery usage, so those who are mobile on a Mac are not left behind.
Hey kosolam! There are already many forks and ports of existing browsers. Do we really need another one? :)
By building a new engine, we can increase ecosystem diversity and put all these open standards to the test. We regularly find, report, and sometimes even fix bugs in the various web standards - stuff we find just by being the first to try and implement everything from scratch in a long time!
We also believe it’s good for the world to have more engines that aren’t directly or indirectly funded primarily by the advertising industry.
That's the unique value proposition of Ladybird. It uses the open standards as the jumping point, investigates and de facto documents the divergence of modern browsers from them. It is a precious and important work.
How is knowing where the published standards diverge from de facto standards precious and important work? You say that's where the value is, but the subset of people and organizations who would pay for that (if it's valuable, people will pay, right?) has to be pretty small.
No? There are tons of valuable contributions, pure and applied, that "people" (markets) do not pay for at all, or pay pittance relative to their usefulness.
It makes it much easier to build new engines in the future. Even if only a few people are interested in this knowledge, they can make a big impact with the software they write.
I'm also curious about this. When it was just a toy project it made sense to write everything from scratch. If it's supposed to eventually be usable by people, a hard fork of Chromium, or at least some Chromium components might make more sense. Having a browser that improves hackability and user freedom while working just as well as Chromium sounds like heaven to me. Anyways, I'm clueless about browser development so I might be completely wrong.
It's an unmaintained prototype without anyone actively working on it.
Once we get the desktop version into decent shape, we will direct more attention to mobile platforms. At the moment there's just too much important low-hanging fruit that's easier to develop (and debug!) on desktop :)
Please. If you ever reach feature "parity" that is sanely competitive with something like Firefox or Chrome and have regular everyday production ready releases. Please. Please. Do not turn into Mozilla where you waste funds. Make a paid version and I will gladly pay for it monthly if it means you will put all the profits (or most) into development efforts exclusively. I'm still sour at how much money Mozilla wastes (and Wikipedia for that matter), they had so many great initiatives and projects they have tossed.
Don't you guys have anything better to do? You know, write code, instead of bothering people about nonsense like this, getting offended and crying on the fediverse?
I think you're grossly putting your own political viewpoint on this non-issue and frankly accusing someone of sexism based pro-nouns used in documentation.
This is ridiculous. I can read documentation with "he" I can read it with "her". I am adult enough to know it's talking about a hypothetical reader.
Fighting a culture war at every corner is just furthering the toxic environment we all live in.
If it's such a non-issue and doesn't indicate the predilections of the author, why not change it to be neutral? Where is the harm? Isn't being more inclusive on an open source project better?
It seems the author is taking an explicitly political stance by vehemently opposing something as simple as neutral pronouns in a README.
Please forgive me if this was talked about already, but I don't see it. Do you have any thoughts on Web3 support of any kind? Metamask enabled dApp development, but it hasn't evolved particularly well. There have been other attempts to replace Metmask with a better wallet such as Coinbase's wallet or Tally. But I think the whole paradigm needs a rethink. Is any of this even on your radar at all?
What can you do with $1M? Writing a web browser is difficult, so the salary for 1 developer is about $300k/year. Then you can have 3 developers. Can 3 developers create a web browser in a year? I don't think so. If those 3 developers can do that, then they'll ask for more than $400k/yr/person. That means, IMO, this project will go nowhere. However, any project that can create jobs is good, in fact very good.
I know that many on HN can't imagine it, but a lot of us work for less than that for any number of reasons:
* We're already making a top 5% income for our area and have more than enough for our needs and even an early retirement.
* We get non-monetary benefits from our job like WFH and/or flexible scheduling.
* We're working on projects that excite us and make us happy to go to work and that matters more than total comp.
Money aside, I'd rather see Ladybird hire 6 developers who are seriously passionate and live all across the world than see them hire 6 Bay Area developers who think they're better because they ask for more comp. That the passionate and global developers are cheaper is just a nice bonus.
>Why build a new browser in C++ when safer and more modern languages are available?
>Ladybird started as a component of the SerenityOS hobby project, which only allows C++. The choice of language was not so much a technical decision, but more one of personal convenience. Andreas was most comfortable with C++ when creating SerenityOS, and now we have almost half a million lines of modern C++ to maintain.
>However, now that Ladybird has forked and become its own independent project, all constraints previously imposed by SerenityOS are no longer in effect. We are actively evaluating a number of alternatives and will be adding a mature successor language to the project in the near future. This process is already quite far along, and prototypes exist in multiple languages.
Nice to see. The only thing that would meaningfully set it apart from the others would be to have a core that isn’t a big ball of C++. That would potentially allow it to be developed and maintained with less resource than the other browsers, and that would be the only way this ever reaches any kind of impact.
It is. They realized that writing a modern browser (i.e. one that for example uses multiple cores efficiently by doing layout/rendering/etc in parallel) is almost impossible in C++. To the point where creating a whole new language just to solve the problem would be a smaller undertaking. Which says something about the scope of this problem. And I really do think they are right.
> writing a modern browser (i.e. one that for example uses multiple cores efficiently by doing layout/rendering/etc in parallel) is almost impossible in C++
C++ also happens to be the only language in which that has been accomplished, so far. (The Rust components are relatively smaller, about 11% according to sibling comments.)
Why is it almost impossible? I'm a little out of practice with C++ but I thought the modern C++ features were considered pretty solid in regards to memory safety and the like?
c++ isn't memory safe and will probably never be. that being said, it's not more or less possible to create an efficient browser engine for multicore systems with c++ than any other language. programming language is not the thing that makes the task difficult.
> They realized that writing a modern browser (i.e. one that for example uses multiple cores efficiently by doing layout/rendering/etc in parallel) is almost impossible in C++
And yet Chrome does it just fine, and Ladybird can render some websites properly that Servo cannot, curious.
No, Chrome doesn't eg. do style computation with a parallel algorithm like Firefox does since it adpoted Servo's style resolution engine. See how faster it is: https://nolanlawson.github.io/css-talk-2022/#70
Servo's rendering issues are a different class of bugs unrelated to performance: they are still working on the layout parts.
Performance is overrated and irrevelant. It's simple force - not a skill. I can't do in more performat Firefox, neither it doesn't matter how performant Chromium, things that was possible in Firefox with old extensions. Not having such abilities, the only thing left to Google to talk about was.. performace - and crippling powers of Firefox. Rust is a new skill, not more of force.
Another skill, inconvinient, forbidden and forgotten ( * * * that I wish Ladybird will have * * * ): plugins - so I have A Browser For All Documents that can play every video format regardless of web video codec support or licencing etc. (with vlc, mplayer, whatever).
Neither Javascript shall be needed to see anything on the Web - if not being essential for tracking and ads
- but it's you who have to pay for it with that threadrippers (and no access to source data) ? Yes, it happend people are rich enough to belive that.
Making things simple and possible is the most important skill.
Check out this comment: https://news.ycombinator.com/item?id=40862781. While it's certainly possible to write the same parallel algorithm in C++, it wasn't done in Firefox before Rust, nor has it been done in Chrome.
But you can implement the same algorithm in c++, you can even implement it in assembly, or brainfuck!
I do not care about c++ or rust or any of the language wars stuff. All I wanted to do was point out that the initial statement about disregarding performance was ridiculous and also point out that majority of the performance critical libraries are written in C++.When it comes to numerics its a mix of C++, C, asm, and fortran.
Use your brain not mine, read and repeat. You can't measure performace of something if it's not possible to do that at all first. Like.. of your understanding till you do - then you can work on it (to make it less noisy and that, not how fast, is what for others matter).
Will Jakt be used as a C++ replacement long term? Going Rust for Ladybird is probably too far fetched given the sheer amount of C++ code. And also, Jakt seems to solve the memory safety problem while still giving C++ performance.
I kind of hope it stays with C++. C++ has been around for decades and is the gold standard for large performance applications, if they used python like many open source projects I worry it would be too slow, and rust feels like a fad
Let us hope it is not a fad. It is already in the windows kernel, android, and chrome in addition to Firefox. MS, google, and the NSA have all said to stop using languages like c and c++.
I think that's too pessimistic. The code is there and it can be used to push the project forward. If some part of it is not good enough, then an alternative implementation can be created (potentially in a different language)
>> "The idea that new code is better than old is patently absurd. Old code has been used. It has been tested. Lots of bugs have been found, and they’ve been fixed. There’s nothing wrong with it. It doesn’t acquire bugs just by sitting around on your hard drive."
>> "Each of these bugs took weeks of real-world usage before they were found. The programmer might have spent a couple of days reproducing the bug in the lab and fixing it. If it’s like a lot of bugs, the fix might be one line of code, or it might even be a couple of characters, but a lot of work and time went into those two characters."
>> "When you throw away code and start from scratch, you are throwing away all that knowledge. All those collected bug fixes. Years of programming work."
It's an older piece, but like good old code, it still holds up. Newer tools and technology have improved the creating of new code, but they've also made improving old code easier in equal measure.
It's a good point in general, but in this case it's not clear if the cost of re-writing the existing codebase is less than the cost of staying with a memory-unsafe language.
We know from past experience that it takes an extreme amount of time and effort to harden a browser written in C++ against malicious web content. The Ladybird codebase is not particularly "old" in any sense of the word. Judging by Github's stats most of the code is less than 4 years old and it is still a long ways from being ready for general use. I think it's safe to say Ladybird still has a vast amount of work to be done fixing vulnerabilities that arise from lack of memory safety.
I find it quite plausible that the cost of re-writing the existing code in Rust is less than the cost of fixing all of the current and future bugs in the C++ codebase that Rust would catch at compile time.
That is the sneaky thing about rewrites. The "Ship of Theseus" rewrite is reasonably safe based on the article and what I could find of people sharing their experiences with rewrites. Fix what needs fixing, but swap in the newer better language/framework/whatever a piece at a time. It works!
People get in trouble when they decide to rewrite the whole thing. You might be right in this case, but I'm sure every person who began a doomed rewrite project felt the the benefits outweighed the risks.
Viewed in the rear view mirror of history, the Netscape rewrite was a good thing in a technical sense. As far as I understand it gave us the foundation for Firefox and the Gecko engine. It was just bad business in context because it let other browsers run laps around it while the rewrite proceeded. It let IE get a foothold that didn't shake for many years until Netscape became Firefox.
Rewriting the new browser in Rust would probably be similar from a technical POV. But from a business standpoint, we seem to be at an inflection point where a new browser might be able to enter in the cracks of discontent over sketchy AI features in Edge and the slow-boiling attempts to break ad blocking in Chrome. If they divert resources now to a rewrite, they could miss this opportunity to do to Chrome what Firefox did to IE.
It sounds like the plan is a Ship of Theseus rewrite anyway, so they'll get there in time without the risk of distraction.
The only exception is if you have 500k LOC in a language whose runtime is going to be deprecated on all platforms overnight.
I'm referring to the uh, retrospectively unfortunate decision I made in 2007 to start building large scale business app frontends in AS3.
I guess I should be thankful for the work, having to rewrite everything in TS from scratch a decade later. (At least the backends didn't have to be torn down).
There's a parallel universe where someone convinced you to rewrite it in something else from the start and you spent years on the rewrite instead and it never went anywhere. Could you have done that emergency rewrite without 10 years of becoming an expert in the problem you were solving? The alternative universe has you spending time becoming an expert in a new language instead and maybe not getting anywhere with the rewrite.
Totally true. Spending years fine-tuning the business logic and UIs made the eventual rewrites a lot cleaner and faster, having already iterated many times over the years and discovering what worked and what didn't. And learning TS after AS3 was easy enough. The real pain point was switching from a paradigm in which I owned the screen graph down to the pixel-level placement of each component, to a trying to wrangle similar behavior from a mix of DOM elements, relative/absolute positioning and arbitrary stuff drawn into canvases. Particularly for things like interactive Gantt charts and some of the really complicated visualization components that had been a relative pleasure to design and code in Flash. But yeah, it was much easier to learn a new language paradigm knowing exactly what I needed to implement, rather than having to devise the logic at the same time.
I think it was a very sound decision back in 2007 if you wanted to write once and deploy everywhere. In browser, and on the desktop for Windows and Mac. JS wasn't up to the task of complex SPAs or graphic visualizations yet (<canvas> didn't even exist), and the alternative would have been Java apps which relied on whatever runtime the user had installed. The fact that Flash/AIR could deploy with its own runtime or a browser plugin was huge. It allowed an independent coder like me to maintain multiple large pieces of software across multiple platforms at a time when it was almost unheard of to do that without a team.
My current employer, similarly, invested a significant amount of resources into Silverlight. Luckily only one component of the application had been switched to Silverlight, but a significant amount of code was written to be the core of that effort and future components before browsers/MS killed it overnight.
Old code does acquire new bugs by sitting in your hard drive,
since it interfaces with dozens of libraries and APIs that
don't care about how well test the code is: every path of code
is dependent on multiple components playing well and following
standards/APIs/formats that old code has no knowledge of.
Also, the mountain of patch-fixes and "workarounds" in the end
force the programmers into a corner, where development is hobbled
by constraints and quirks of "battle-tested" code, that will be thrown
away as soon as it couldn't support fancy new feature X or
cannot use fancy new library API without extra layers of indirection.
Also the web standards themselves are written in an object oriented style. Using a non oo language like rust is therefore an uphill battle where you end up fighing against the language. The web standards just lend themselves naturally to be implemented in an oo language like c++.
Rust does not make it simple or easy to reference objects from objects. You will be fighting the borrow checker if you try. This is what I mean.
The web standards have lots of references between everything. This type of object oriented programming means having lots and lots of cycles in your object graph. This makes Rust very veeeery unhappy. The Servo people are trying, and they have been trying for a looong time...
I don't understand, isn't this what Arc is for? An "automatically garbage" collected pointer? Or is it not well behaved for this use case (i.e. blowing the stack on free)
Arc is an atomic (not automatic) reference counter which can be used across threads. Reference counting in general can still be tricky to use when you need cyclical references though, which is what it sounds like the spec has.
I think that pioneering the work of reimplementing web standards in not strictly OOP language will make the implementation easier for anyone else in the future, surely many of the problems exist by virtue of being done for the first time
The browser is good, but Mozilla has been consistently losing market share despite being well-funded. There is considerable debate as to what specific mistakes were made, but the foundation spent a lot of money on side projects that did not benefit the browser such as Servo, Rust and FireFox OS. Likely market share could have been improved had this been spent on marketing or engineering work that directly benefited the browser.
Hard disagree. If you're a fan of the strictly functional "what's CSS?" look, you might as well stick to viewing README.md on GitHub and call it a day.
This design makes it look like something that is looking for developer contributions. The original looks like something where a sales chatbot is likely to pop up in the corner.
I love this version SO MUCH BETTER. Clean, easy to read and I don't have to scroll down for half an hour to get to the bottom. I hate "modern design", whatever it is. To much padding, to much useless css and styles.
The original sure looks bland, but a HTML4-esque webpage gives absolutely the wrong message about the maturity level of a browser regardless of how much more usable it may be. Branding matters even if it's a tough pill to swallow.
Maybe it's because they want their website to work in their own browser ;)? I can see that if they start off simple with the browser, they start off simple with the website too, and it progressively grows with the browser.
Interesting, as the icon present on the parent user's site seems to be an even earlier, less refined (and clearly AI generated) version than the prior iteration[1] before changing to the abstract design.
It is a great honor to see a website I designed and coded at the top of the Hacker News front page! A big thank you to Chris Wanstrath for allowing me to work on it. I hope Ladybird becomes a mainstream browser, and I feel this is a moment similar to when Firefox rebranded from Phoenix.
No talk of the license on the frontpage. Visiting the GitHub repo tells me it is 2-clause BSD license. It's high time we had a GPLv3 web browser, otherwise, this risks the same fate as the rest of the browsers with proprietary forks.
This of course comes at the cost of not being able to support non-free parts of the web standard such as DRM.
Perhaps BSD in its anarchic freedom is compelling to the kinds of people who decide to do something crazy like building a brand new browser engine from scratch, and GPLv3 with its detailed rules and regulations is compelling to people who like to talk about how they wish the world had more software licensed under GPLv3.
Open source isn’t handed down from God, it starts with one person deciding to type mkdir.
There is absolutely nothing wrong with have proprietary forks. They exist for good reasons -- either a new browser or get embedded in another product which provides value for their end users. They may (or may not) contribute back to the original projects with bug reports, fixes and features.
Sorry this is not the GPLv3 everywhere world you are dreaming of, and I'm glad it works this way.
Like others said, if you want to have a GPLv3 licensed browser (that will probably be as unusable as GIMP), write one yourself.
Absolutism like this hurts adoption of otherwise-useful tools. Given the choice between a tool which simply cannot play DRM-protected content, and a tool which can, _ceteris paribus_ most consumers will prefer the former. If you believe there are other properties of a proposed tool that mean it is a public good for it to be adopted, it behooves you to make it attractive to adopt.
Most consumers will prefer the browser that comes with their OS or is advertised on google.com no matter what you do. Compromising your priciples to chase after the mass market is exactly the reason for the decline of Firefox.
DRM'd content on the web is also not nearly as common as you are implying it to be. Outside of specific streaming sites that many use through dedicated apps on their TV or phone anyway it is almost nonexistent so this crap doesn't need to be in your desktop or mobile browser. Not to mention that even with DRM support you are not guaranteed to get decent content if you are on the wrong OS or don't give up ownership of your entire display pipeline or just have slightly older hardware or live in the wrong country. It's also not hard to avoid these streaming services entirely.
If you are writing an open source web browser, I guess you only care about the preference that programmers who are likely to become contributors have. I’m not sure if that would be a big change really, though.
Or GPLv2 with binaries loaded at runtime, like Linux does. This is a definitive good candidate for v2 as not having DRM is simply just not going to work.
I think people in this comment section are too harsh on the website. I think the design is pleasing and functional, and the project is communicated about clearly. The AI laptop is a bit of a shame, and the logo being bland instead of clever is a bummer, though. But plenty of products have a similar front page style, and it doesnt make me feel like it's a soulless startup.
I agree, after reading the comments, I was expecting a complete monstrosity, but it's a simple, informative website. That style of website design is used because it's appealing and easy to parse. I'm not sure what people were expecting.
I must admit I'm not crazy about the logo though. It's fine at the top of a page, but I cant see it as my browser icon on my desktop, and it's much less appealing and identifiable than the old Ladybird.
I actually really like the logo. It's a simple, mathematically-defined curve that also resembles an abstract ladybird opening its wings. You don't find that clever?
I think this is more for the end user. If the eventual goal is to convince people to use this instead of Chrome or Safari it is probably going to be a hard sell if it looks like a hobby project.
Nitpick (or is it?) but the website is soulless and just bad. The website design communicates that this is just another immature project, desperately looking for a VC funding, just following modern design trends where "design == aesthetics". Yuck.
I don't know if that's true for non-developers. (Of course non-developers aren't the target yet, but they hopefully will be in the future.) I'd assume that non-developers are usually the main audience for a project website like this.
Developers can simply look at the Github readme and get their near plain text overview there.
We're all nitpicking no matter what our thoughts are on the design. I have my own thoughts on the design, but I'm more excited about the product than to put any more care in what the website looks like. It's easy enough to ignore and doesn't have an effect on the product.
> Nitpick (or is it?) but the website is soulless and just bad.
It is a nitpick, and the website works just fine for conveying what Ladybird is & what the project will be doing: The elevator pitch given was straightforward & at the top of the main page.
Have to agree, though I think as the saying goes, "don't hate the playa, hate the game". Capitalism sucks. Sorry for my non-HN-like comment, but it's the truth.
I love the idea of this project! I'm looking forward to giving it a try. I'm not your typical user (I'm more interested in what features a browser lets me disable than what it supports) and while right now Firefox comes out way ahead of everyone else in terms of empowering users to customize things to fit their needs it feels like with every update they introduce more features I need to disable and they're growing more aggressive about data collection.
I hope that as Ladybird grows you'll keep privacy, security, and customization in mind because our options in that space are very limited.
A reminder that the vast majority of Mozilla funding comes from Google who are an advertising company.
A reminder that years ago they were paid by an advertising firm to secretly install a plugin for a TV show. When someone raised a bugzilla bug about it, the project manager for the plugin (who herself had come to Mozilla after a career in online advertising tech...) marked it employee-only. Another employee reversed that, and then someone at the highest levels of Mozilla leadership changed it to a level that made it unviewable even by employees.
Pocket? That shit requires manually editing a bunch of config strings to disable. We were never asked "would you like to enable Pocket?" because they knew 99% of their audience would click "no." There still isn't a checkbox to disable it.
This whole "privacy is our priority" thing has been a farce and always will be.
But hey, they won't enable WebSerial because ZOMG DANGEROUS USERS CAN'T BE TRUSTED PRIVACY CHAOS DANGER DANGER MUST PROTECT THEM!
...meanwhile in Chromium browsers, WebSerial has been supported for years, it asks the user to give permission per-site just like cameras and microphones. The world has not caught fire, nobody's pacemaker has killed them, etc.
> A reminder that years ago they were paid by an advertising firm to secretly install a plugin for a TV show.
More recently they pushed an ad for Disney on users and the only way to prevent that was to turn off the redirect to the "what's new page" the show us after updates
(browser.startup.homepage_override.mstone = "ignore") which means that now users have remember to manually check out
https://www.mozilla.org/en-US/firefox/releases/ for release notes.
Then later they pushed a full screen VPN ad on every firefox user. In response to the immediate outrage, they suspended the ad campaign and told people to add "browser.vpn_promo.enabled" to about:config and set it to "False", even though that only applied to the one ad everyone had already seen and been forced to click past. What they should have done was add "browser.promos.enabled" and made sure that any ads they added to the browser in the future respected that preference.
I agree 100% that pocket is a huge offense. It should never have been anything but an add-on.
> ...meanwhile in Chromium browsers, WebSerial has been supported for years
Most people using Chrome are already handing all their private info and internet browsing history to Google. No exploit needed. Last I checked (it's been a while admittedly) there was no way to totally disable WebRTC or service workers in chrome and they don't want you to be able to disable ads either. Chrome isn't really an option.
Firefox is a very imperfect browser, and I'm afraid that it's getting worse all the time, but it's still the best we have.
Firefox isn't actually competing with Chrome in that sense, since Firefox's funding is essentially derived from the same advertising source as Chrome.
And Firefox's attempts to diversify by seeking new sources of advertising revenue don't actually make the problem better; what I would like is a browser that is not competing for advertising revenue.
You make it sound like Ffx is paid to be googles lackey- they're not, they're paid to make google the default engine. Apple gets paid billions every year to do this for safari on iOS. This directly makes google a lot of money so its mutually beneficial.
I would like a browser with a big team behind it and a stable reliable source of income. Google paying for everything is risky but I don't think its as big a corrupting influence as you seem to believe.
> A reminder that the vast majority of Mozilla funding comes from Google who are an advertising company.
The implication by users who frequently bring this up is that there's some unique influence on Mozilla. Yet if we're going by reminders Mozilla had a deal with Yahoo for three years in-between for it to instead be the default search engine and they were still paying hundreds of millions for the privilege (it's been estimated they were even paying $100m more than Google at the time, though by 2017 Mozilla reportedly felt they should have been making more and ended the deal prematurely after Yahoo was bought by Verizon).
Ie: I haven't seen evidence it's been unique partnership with Google in that regard. If there are more concrete examples of influence though I'd be interested (and it has to be understood I'm not a Google apologist either, I just seek more accurate critique as it's more robust).
Best of luck. If these guys succeed medium to long term they also prove it’s actually possible to build a browser if you focus on building a browser and not anything else.
It would be a statement of hope that we are not condemned to Google’s corporate strategy and the absolute rot the Mozilla foundation has become.
I know pretty much everything is not in their favor but I truly believe it’s still possible for a couple of guys with their head between their shoulders to actually “change the World”. I need to sleep at night after all.
I really hope this will succeed. It's sad browsers became free and dependent on Google.
I loved opera to death in the early 2000s. I was young and broke and didn't want to pay for it, but even though there were cracked versions around I dealt with the officially free, ad-sponsored version (Google ads, ironically) because I wanted to support it.
Now I've donated to Firefox in the past, but they've disappointed again and again with questionable business decisions. Still, I'm exclusively using Firefox than anything Chromium-based out of principle and I think I will switch to ladybird as soon as feasible. I have no problem paying for a browser that's truly independent.
Does awesomekling get to remain BDFL of Ladybird? I appreciated the project because it gave the impression that all the pork was stripped away and 100% focused on the engineering.
Meanwhile Mozilla spends a massive chunk of money on the organization and the philanthropy and the blog posts, and the activism, and the salaries of people who have little resemblance to engineers.
I certainly would consider trying to contribute, but.. After seeing the drama.. Nah. Not here. Not now. Still, happy to see a new browser engine, alongside servo.
Ehhh, fediverse is much comfy place. Not without its flaws, but nonetheless comfy. Anyhow, Judging a big place from the actions of few... not exactly reasonable to be honest.
But yeah,I think, it resurfaced, partially to recent, well, Ladybird stuff. Things got on the track, and the train went forward...
> No "default search deals", crypto tokens, or other forms of user monetization, ever.
Sounds good, but how would you make sure the sponsors won’t influence you in the future once it’s popular enough? After all, they are still corporations and are after profits, as opposed to crowdfunding.
I'm not an expert in this stuff, but I did notice that the Ladybird website mentions only accepting unrestricted donations. That doesn't prevent power dynamics from evolving between sponsors and the project, of course, but it at least means that no sponsors get to explicitly demand specific things.
I think it's a valiant cause but even if that's what they claim right now, eventually they will have to weigh whether it's worth taking the $100k donation from sponsor A who doesn't demand working on feature X but just suggests it or risk the future runway of the project.
I think he best protection against that is to have many different sponsors so a single one of them pulling out isn't a death sentence. In that regard, Ladybird already seems to be much better off than Firefox.
Still the concern remains valid and without leadership sticking to strong principles nothing will protect against external influence forever.
Here's a question, will accessibility be considered?
I fully realize my HN contributions are a bit of a broken record but also, if I don't bring this up, it appears nobody does so here we are.
Is this going to work with screen readers, magnification, speech recognition etc? I guess a more abstract version of that question is: Does Ladybird intend to offer some kind of feature parity with existing solutions where integration with OS-specific accessibility architectures (UIA, AT-SPI2, etc.) are concerned? If not, it's a non-starter for quite a few people, and I'd rather know so I know to even keep up with this project or add it to the "user first but oh not actually all users first" pile :)
This is worthy goal, but it's approaching "perfect is the enemy of good" territory. By the numbers, in order to get broad adoption and power in the market, they should not focused on being the accessible browser. They need to nail making it a viable option for the greatest number of people at the lowest cost (which, at this point, is measured in time.) It needs to work as well as Chrome at operating web tech.
I wonder what would happen if Ladybird matures well to compete with Firefox and Chrome (hope so), and it's just forked away by some company and completely closed down in a whim, because BSD-2 allows that.
And so? Yes people (and companies) would fork your code, but the most realistic scenario would be that the original ladybird would still be the most relevant browser of it's family, just like firefox, so the problem kinda resolves by itself
Because apple themselves forked it. Only a handful of companies have the power to basically change the web browser market, and apple sure was one. Nowadays every company copies from chrome, so why would anyone bother forking ladybird?
Doesn't this contradict with what you said? According to your previous comment, even if Apple has forked KHTML, it shouldn't harm Konqueror, and it shall prevail as the most popular of its family.
However, Konqueror/KHTML is now dead and we only have a closed source Safari.
As I've already stated, any company that may fork a similar project would actually cause more benefit than harm. KHTML died because the web started to get very complex very fast and KDE volounteers couldn't keep up with that pace, unlike Apple employees. Now that the web is a bit more stable, with less standards that are more thought-out (webassembly), it's a lot easier to maintain a web browser. So if tomorrow Microsoft hops in and announces it's intent to fork ladybird, then the latter would not only be fine, but it would probably recieve a new wave of contributors.
Imagine if ladybird gets used regularly by ~1000 nerds, which is its current audience, then gets forked by microsoft and the current ME gets replaced by ladybird. Even if ladybird got over 9000 users, there's no competing with megacorps.
Well maybe they're ok with that? They want browser diversity. Getting Microsoft to use a new engine is better for diversity than if they just used chromium like now.
Getting Microsoft to use a new engine and contribute back to the original repository is better for diversity, but forking and running away with it is certainly not.
> Forking and running away with it is certainly not
If your goal is browser diversity, this would take an ecosystem of 2 browser engines and turn it into an ecosystem of 4. That seems in-line with the goal of browser diversity.
Currently we have an ecosystem of two browser engines, yes. One of them is weaponized against users by its designers, both in its open and closed form.
Having 4 (or 3.5 more realistically) browser engines where 2 of them weaponized against its users doesn't change things.
Instead, we should have 3 (or 2.5) browser engines where only one of them is (and can be) weaponized against its users. This is what brings diversity and change.
Ideally, yes. Microsoft should stay away from this, but I wanted to highlight that adopting a technology doesn't automatically make it better for diversity.
Google was almost killing Go overnight because they wanted more user data from people using the language.
Sorry for my grammatical mistake, English is not my first language.
That said, my point here was that realistically no company is going to fork ladybird since there's already chromium, plus even if ladybird was somehow forked by let's say microsoft and got popular, I don't think it would be detrimental to ladybird itself, if not even beneficial, since it would attract more users and, to a lesser extent, more contributors.
> seeing your code being used by some guys you don’t like?
This is not even in the list of my concerns. I just don't like to see efforts of hundreds if not thousands of volunteers are rolled into a closed source application and distributed for the profit of a couple of people who pat themselves on the back because they got their next car/house/whatever for free.
That sounds no different from "code being used by some guys you don't like" to me, to be honest. If some company took my permissively licensed work and turned it into a commercial product, why would I take issue? I put my work out there for the betterment of all, and it is still bettering the world even in its new form. I have no complaints with that.
In fact, it's very different. You, as a single person might not care about a patch you contributed, or a small utility you have written. However, not everyone thinks like you (e.g.: Me, as Fig. 1a).
When you put all this spectrum of views under a project, it becomes another thing to manage these expectations and what people want from the project in the end. When big shifts start to occur, people will react differently.
When it's a project people love and contribute with the expectation of keeping things the way it's, and the things change, people won't be happy. See: Go's opt-out by default telemetry proposal, HashiCorp's and Docker's license changes, Google's persistent push to block ad-blockers, Microsoft's breaking of VSCodium in subtle ways, etc.
So it's much more than you and your code, esp. in projects like these. I think licensing them with licenses allowing rug-pulls (esp. under community itself), is a red-flag in many cases.
I also put the code I develop myself out there for the betterment of all, but it's licensed with GPL, because I don't want someone take and run away with it for "betterment of themselves rather than everyone". Now, you might not agree with me, and I respect that, but that's the terms I put on my code. As I always say. If you like it that much, reimplement it. I don't care.
Conversely, I contribute to a project which allows no GPL code, because it's designed to be both open, and be customized and closed at the same time. We put it out very openly in the beginning, because that license is a requirement for the use case we (as in ~10 countries) have, and MIT is the best one for our use case.
...but, Ladybird is not that. The project tries to build an important, foundational commodity item. Allowing it to be taken private is a mistake, IMO.
Personally am asking myself what the benefits of the BSD clause compared to a more restrictive license are. The only reason I personally can see is that they want to have to option to close the browser themself in the future.
Yup. All licensing is about brokering control. The only license that grants true freedom is no license, i.e. public domain. Everything else is a “where’s the control” shell game.
Sadly, that's not how it works; opting out of the copyright game is a lot harder than it should be. "No license" means all rights reserved, and even a public domain dedication is invalid in certain countries.
Your best bet is to put your code in the PD and provide a fallback maximally permissive license in countries with insane legislation where that doesn't work (e.g. Germany). The Unlicense notably does this, though lawyers seem to hate it for various reasons.
Alternatively, you can use licenses like 0BSD/MIT-0 which are PD-equivalent, but you technically retain copyright, so it should work in aforementioned countries too.
If you the amount of features in Chrome and Firefox (just those in the standard, nothing extra), you would know "mature well to compete" is a long way away, if not impossible.
And I don't see any problem with forking. Tons of browser bugs were found, reported and fixed exactly because companies forked them. And remember that Blink is forked from Webkit.
I have seen IE's rise and fall. Netscape's rise, burn and rebirth as Firefox, saw Safari as a fork of KHTML and rise of Chrome.
Ladybird might be added to this list. It's not impossible. It'll be a winding and hard road to go, but it is not a path with no end.
You don't need to fork a codebase to fix its bugs. It's GitHub's workflow (fork -> PR -> merge). What I meant, as noted in this thread, is a hard and closed fork propelled with money and corporate greed, which eclipses the open and primary version and drown it in the process.
EEE'ing it, basically. This is why I prefer GPL (preferably V3+). If you want to improve it, it's open. If you want to monetize and EEE it, then nah. It's not allowed.
Yes, normally we'd do the opposite (especially when the article isn't particularly good), but in this case it was easier to trace the significant new information this way.
true. extremely boring. a bare html would looks so much better. this one is not utilitarian and is not aesthetic either. it hits the intersection between banality, uglyness and lacks of function - because it is structured like a brochure, wasting a lot of space on stock photos.
Apologies for the late question, I only just found this thread.
I work at Brave, VP of IT. I worked at Mozilla for 5 years. So have some experience with browsers.
I see our insanely high infrastructure bill each month, most of the cost comes down to CDN/distribution of updates, block lists, safe browsing etc. But we also have a bunch of other costs for staff to maintain said infrastructure and security.
If you get to scale, what is the plan here? Because $1M won't get you a very long runway and the moment browsers stop doing what they should be doing well, they die. Wishing you the best of luck.
Indeed, Shopify was our first major sponsor, they signed up almost a year ago! I'm super grateful to Tobi for believing in us when we were even less mature than we are today. <3
If what is written in the article is true, then why not pursue a copyleft license for the web browser to keep it Free? Otherwise a for-profit competitor can fork it and all the bootstrapping would be for naught.
It's crazy how complex browsers have become ...
You practically fork an OS to make a browser
> At the moment, many core library support components are inherited from SerenityOS:
LibWeb: Web rendering engine
LibJS: JavaScript engine
LibWasm: WebAssembly implementation
LibCrypto/LibTLS: Cryptography primitives and Transport Layer Security
LibHTTP: HTTP/1.1 client
LibGfx: 2D Graphics Library, Image Decoding and Rendering
LibArchive: Archive file format support
LibUnicode: Unicode and locale support
LibAudio, LibMedia: Audio and video playback
LibCore: Event loop, OS abstraction layer
LibIPC: Inter-process communication
Is there any caniuse data for Ladybird? It would be helpful to see which standards Ladybird implements so Ladybird users can use my site. Building websites that use the supported standards seems like a good way to support the project.
Better yet, build your site using the standards that make sense for you to use and then see what the browser needs changed to support it! Some things like webgpu are bigger lifts to make internal versions of but others like minor CSS properties tend to go quick.
"built on web standards" - I believe it needs critical mass of both websites and installs for this to be a feature when the mainstream browser has hardcoded quirks.
Also, I am very curious why is someone like Shopify sponsoring this.
Can anyone explain like I'm an idiot concrete reasons how Google Chrome's dominance is bad for the web? Preferably things that have actually happened, not what might happen
It's a web browser built and controlled by an advertising giant in order to serve you monetized pages more quickly. For examples of why this is bad for the user, search FLoC and manifest V3, both of which they try to say are better for the user despite being objectively worse (the latter hobbles web ad blocker extensions and the former is a solution to "reasonable" web ads and user tracking).
One answer: Google's interests are at cross-purposes. They are simultaneously making money from showing you advertisements, but also giving you a browser, and sometimes these conflict. For example, they recently rolled out a new on-by-default "feature" to identify yourself to advertisers.
Another answer: concentration of power and market share stifles innovation. Look at what happened to Internet Explorer when Microsoft was the only game in town.
Google Accelerated Mobile Pages were one example of a dangerous pattern that Google pushed, for probably altruistic and selfish reasons.
Less specific, but I think just as reasonable, is looking at the philosophical alignment and financial incentives of the organization behind the browser.
Google's interests are often in direct misalignment to my own, and by virtue of that, I would strongly prefer them to not have such a position of power over the market.
You want to know why a monopoly is bad, using only evidence from when it was not yet a monopoly (or not quite)? That feels to me a bit like missing the point.
I think for a lot of us on the older end, we lived through the era of Microsoft Internet Explorer dominating the web and that experience informs our thinking. As long as there was competition between MSIE and Netscape, with each one trying to outdo the other, both browsers kept getting better and the web kept becoming a more and more capable platform. But quite soon after Netscape crumbled and stopped being a serious competitor, MSIE stagnated: development didn't just slow but halted for half a decade. The web stagnated, too, and Microsoft's dominance meant that a lot of what did get built was locked in to their platform. (Partly things like CSS quirks and nonstandard rendering behaviors, and just plain neglect of new possibilities in HTML, JS, and CSS. But more than that: how many companies built ActiveX controls in that era, which mostly required Windows to function? The entire internet infrastructure of South Korea got locked in to ActiveX by law from about 1999 to 2020.) So imagining an era of Chrome monoculture brings back some pretty negative memories.
I don't expect that Google would make the exact same mistakes that Microsoft made. But it would be awfully hard for them not to shape browser design around their own corporate interests if there were no competition driving innovation and no disincentive to shaping the entire future of the web platform in Google-friendly ways. I know that's not "things that have actually happened", but the whole point is that things change once an effective monopoly is achieved.
Since you wanted to restrict it to things that happened:
- Chrome began to "log in" users into the browser by default, if they so much as logged in to Gmail or Youtube, or anything that uses Gmail ID oAuth. That means that all the searches and web visits made on the browser are explicitly tied to your Gmail ID.
IMO the more interesting question is "why not fork Chromium"? The corporate effects of a browser monopoly are pretty obvious.
The less obvious question, and Im genuinely curious, is why do you need to rewrite the engines when there are at least 2 good compliant open source ones? The only way an engine rewrite is worthwhile is if yours is significantly leaner or faster, both seem very unlikely. An seemingly-impossible milestone of hitting party isnt that interesting, is it?
I can imagine how hard it is to develop a browser. However, I can't imagine how much the landscape will change in the next 2 years... LLM, privacy, etc.
I too would have preferred to see an EU-based organization backing this but I can imagine that a US non-profit probably makes it easier to get funding from US corporations and donors.
I feel like the public perception of this project will become significantly more harsh now that it has upgraded from a hobby project, and I’m not sure they’re prepared for that
As much as I would love to see this succeeded, I simply cannot believe that you can sustain a browser development without millions of dollars. Web got so complicated. And it's perfect for all these huge ads companies owning browser engines. Nobody can catch up with this.
There's only one way we can make sure we can get really independent browsers:
SIMPLIFY THE WEB
- Limit the platform to absolute minimum - give way to render things, fetch stuff from the network, etc.
- Get rid of CSS - leave just some basic rendering primitives, so libraries can be created to paint on the canvas. We don't need 78 new animation primitives. We'll build them ourselves if we have a sensible canvas and execution platform.
- Move JS out of the browser to a WebAssembly compiler and make browsers run only WebAssembly
- Or keep JS in the browser but don't add any new features, features should be in libraries
outside of the browser. Language should be as simple as possible.
- Get rid of all semantic html junk. We only need some basic blocks to move things around.
This way we can have simple browsers and move all complexity to client libraries, which you can pick and replace when needed. Just keep things as simple as possible and let people build on that.
Any browser could do that tomorrow, and then their users will promptly abandon it when it doesn't work for websites they have to access. This will just never be a viable strategy because users want a web browser that works on the sites they want to visit, and site owners aren't going to rewrite their sites unless the browser has a big enough market share. But market share is going to be small for a browser that doesn't work. Rinse and repeat. It's a major chicken and egg problem.
Yes, we have done it to ourselves in the 90' when every browser had some custom extensions and small differences. And everyone was playing catch-up game. Then we got a bit of normality in 2000' when we standardised things. And now Google is playing like Microsoft - expanding web standards like crazy and nobody can catch up. I hope we stop this madness soon.
I agree with some of this (WWW is too complicated and messy, and has other problems with its design), but I do not agree with everything, and anyways in many cases it cannot be corrected this easily.
However, I should also think that documents should not need to execute JS or WebAssembly code; although there are uses for such things, it should perhaps be separately.
Also, some of the semantic HTML commands can be helpful, such as <ARTICLE>, <TIME>, etc. (However, the user agent should decide how to display them, according to the options selected by the user; this should not be decided by the author of the document.)
A completely new protocol and file format (or more than one) is another way. A few people have tried some things relating to this, including myself. One thing I had done is that, documents cannot contain scripts to be executed nor can they link to scripts to be executed as a part of the document; executable code can only be linked to from the conversion file (which does other things too, and is not only for executing programs; e.g. to specify how to transform a URL to download a file in a different format), and the user must explicitly tell it to execute; furthermore, it uses uxn and not JavaScript nor WebAssembly (since uxn is much simpler to implement); and, if the conversion file is implemented at all (for simplicity, it is not required), it is mandatory that the end user must be allowed to override it and specify their own conversion file instead (therefore, the end user decides what the client software does). Furthermore, I had also decided to use binary formats, to make them less complicated to parse special cases (to avoid needing so many escaping and stuff like that, which is necessary with HTML). And then, TLS is allowed but is optional; it does not have mandatory TLS (although it is recommended that servers and clients will accept both TLS and non-TLS connections; but a client or server that does not support TLS will still work even if the other does support TLS, if both TLS and non-TLS are implemented). There are many other things can be done too, to make improvement.
That all sounds great until you start considering what needs to be done for accessibility. For blind readers as well as many different screen resolutions.
I agree. That's actually one of few problems with having just canvas - accessibility. Most libraries would not have it, and it would be a disaster for disabled users, but... That's one of few things current state AI could solve. Why not make a neural net that would read or summarize page for blind people? Instead we use it to generate bulsh*t junk content and fake comments...
It might, but I think that isn't the best way. Accessibility is for everyone, not only for the blind people.
Better is if the document specifies the text (and any appropriate annotations, e.g. how to pronounce), and the blocks/sections/etc, and then the client software can display it according to the user's settings. Whether that means you want to display it on the screen, with your own formatting, or use a braille display, or text to speech, or whatever else it might be, you can use it.
That isn't even slightly comparable as those plugins required the end user to install them, due to the inherent security concerns. Contrast that with today: you are constantly using websites which require giant libraries that entirely subvert the underlying semantics, such as React... it isn't at all crazy to just stop adding more BS to the browser and require more of it to end up in rendering layers such as React, or even to long for a web where React is merely built on top of something like canvas. (FWIW, Flutter is like this, and it is actually pretty damned good; it isn't great, but if we concentrated on only adding features required to fix Flutter's complaints, the web would be better for it, and we'd see a ton of web browsers as a handful of people can legitimately build an operating system kernel or a language compiler or a virtual machine monitor or a CPU emulator or a 3D engine, and yet implementing all of the current web stack requires some giant company, which is ridiculous.)
We needed them because platform was too high level, not because we had not enough web APIs. If we could have a canvas and means to render efficiently, there would be no plugins necessary. And they were nightmare because you had to install them yourself on your client, not because they were not JS and DOM.
From a user experience, maintaining a large collection of “feature libraries” is about the last thing I want to do on top of web browsing. To me, this approach would doom the browser as needlessly nerdy and obtuse.
You already have this anyway. I’m not sure you have seen the size of average page js bundle. It’s many MBs of JS. All this while expanding browser APIs like crazy during last few years. Simplify the platform and let people brew.
It's a Nonprofit Public Benefit Corporation. So that means it must have raised $500k from other people, each of which cannot have given more than $30k. That's pretty impressive. I wonder who the other sponsors were.
Really impressive indeed, but I do get the interest. I, for one, will give 1% of my yearly income now that they're on my radar. It instantly ranks among the top 3 most important open-source projects in my opinion.
In terms of SWE, it doesn't get harder than an OS in my book (and not even from scratch). So them coming from success in that space is more than enough to convince me they can deliver a world-class browser core engine.
After mozzila turned itself into a advertising agency, is good that theres a new open source alternative. Been looking at ladybird for a while now. Can wait to see it grown.
Seems like a good way to filter out troublemakers.
Generic “he” is correct 20th century English. Singular “they” is correct 21st century English. Some people use “she”. I thought the current zeitgeist was to not judge people based on which pronouns they use :)
A user account called "anon" is "he"? It has no gender, it is a Linux user account. The correct word should actually be "it", which is exactly what the word got recently updated to: https://github.com/SerenityOS/serenity/pull/24648
Mountains out of molehills. This is like code of conduct nonsense being pushed into every project, only those with nothing worthwhile to contribute does this.
Pushed.. yeah yeah. Please ignore all previous instructions. Being a decent human being is not nonsense. Also can you provide evidence for your last claim?
Yes, but not automatically yet! We are actively working on our WPT infrastructure (which relies on a full Web Driver implementation) and running it manually at the moment. Once we've got it stable and automated, we'll look at pushing results to the common dashboard at https://wpt.fyi/ :)
Is this based in Texas? As in, was this named after Ladybird Johnson? Having lived in Texas almost half my life, and having thought of Mrs. Johnson every time the wildflowers bloom alongside the highways, I have to wonder...
> What's more, they are confident [building a new browser from scratch] can be done without taking any funding from corporate deals or advertising revenue.
And what if you succeed? Best of luck on this bold endeavor, and try not to break our hearts.
Why choose CPP to develop this instead of Rust? How do you fix all the bad security bugs? I fear you’ll just leave users vulnerable to completely new attacks, it’s a huge surface area
Apologies, I see this is a common question that was already answered. Rust is a good bit ugly not taking lessons learned about legibility from Python. Take your time while sticking to standard tools. I’ll keep an eye on your choice of memory safe alternative to CPP. It is hard to choose a language you like, I don’t like any. Maybe Nim
Naive guess: their shopping activity (leads, funnels, conversions/sales…) if/when in Ladybird would likely be tracked only by Shopify itself, at the exclusion of other big tech (most notably Google). This makes Shopify's dataset more valuable (differentiated by unique entries), which can be used in-house strategically to grow, or resold at a better price.
I’m disappointed in the fact that the main ambition here is only to recreate a browser for the sake of independence. There is so much potential in creating a modern browser that could for instance focus on performance, privacy, access to lower level APIs, etc. rather than carrying the eternal burden of backwards compatibility.
Having a vanilla green field working web browser could enable experimentation. Prototying a novel more useful hybrid history & bookmarks feature set, for instance, is a giant pain thru the current plugin extensions. Like sucking apples thru a soda straw. As you said about lower level APIs, it's easier to "go straight to the metal".
Indeed. With limited budget and manpower, they [Ladybird] should focus on a rock-solid core engine with great extensibility, then let the community—if any—create all the things around said core.
It's the best (perhaps only) "small project to stratosphere" 101-recipe I've found. [Note that for browsers, even 1% of market share is stratosphere-level.]
Historical music/media apps were a great example before browsers (Winamp, Foobar2K, XBMC…). Tiny teams + key community contributions made for amazingly complete and rich software fit for all use-cases, beating any commercial alternative by far.
(The fact is that to this day, these 2000-2010 solutions gave you far more user-power & customization, not to mention discoverability and meta-knowledge, than current Netflix or Spotify UIs.)
A project like Ladybird should take that general road, IM(very but educated)HO. That's how they can eventually catch up to big names feature-wise.
I checked my RSS history because I was thinking the same.
(My rss feed only contains posts that get popular on HN, there might be more posts in reality)
This is wonderful news and I'm all for more diversity and user choice in the world of browsers, but this text...
> preparing to become the only major web browser which does not treat the user like the product being sold.
...is either ignorant or a deliberate slam on Mozilla. Whatever else you might say about Firefox, it has never tried to "sell" me to anyone. The fact of the matter is that Mozilla has done the impossible for decades and gets no end of grief for it.
(I expect we'll get a zillion complaints about search engine placement & Pocket recommendations because that always happens on this site)
To me, it seems neither ignorant or a deliberate slam on Mozilla.
Clearly, they are referring to paid search engine placement. But that doesn't just apply to Mozilla, it also applies to Apple/Safari.
And given that both Mozilla and Apple are being payed by Google somewhat proportionally to how many users they have, clearly users are indeed being treated like a product being sold.
But you’d trust a megacorporation closely tied to government that has an explicit interest in tracking you, keeping paths for intelligence agencies and law enforcement open, and generally being deceptive? You trust browsers that openly phone home about your activity?
I gauge the risk of my government targeting me lower than the risk of hackers stealing/selling my information. Mainly because the latter has occurred to me numerous times already.
If you're really this serious about security, you should be using Qubes OS. Then, a browser choice stops being important, since the strong isolation would prevent an exploit to do any damage. And disposable VMs allow to do insecure staff without any risk.
Xen is not an obscure system. Hardware isolation was broken last time in 2006 by the Qubes founder ("Blue pill software").
I open my email in a dedicated VM, so only my email provider could attempt to compromise me. Attachments are automatically opened in another, disposable VM.
I talk about the distro qubes os and not about xen.
Also my email account and everything normal I do, is part of my normal life and it's very helpful to be normal.
If I would ever do something out of the ordinary and want to do something which requires physical access, it's much easier to travel the world as someone who has a normal Internet profile.
My personal data is protected enough on Gmail and gdrive.
Just remember the developers are not mindless idiots who will submit to mobs of religiously ideologically zealots that constantly complain about everything while contributing nothing to open source development or society?
Part of the reason for forking from SerenityOS was to allow adopting third party libraries. They've already added Skia and FFmpeg and a bunch of other stuff. WebGL will almost certainly be supported by ANGLE, WebGPU by Dawn or wgpu, WebRTC by the WebRTC library. WASM on the other hand is usually tied to the JS engine which is custom. I believe it's already partially implemented.
nix run nixpkgs#ladybird
...
502144.831 Ladybird(1297933): WebContent process crashed!
502144.831 Ladybird(1297933): WebContent has crashed 5 times in quick succession! Not restarting...
...
I didn't expect it to work very well yet in a distro, so that's ok. It's cool enough that nix(os) has already started tracking it.
I'll check back every few months and see how it's going!
Please don't trust random distro packages of Ladybird, we have no idea what they're packaging, but it's unlikely to be current, and not something we can help you with.
I wish distros would not package pre-alpha software, since the only thing it accomplishes is giving people a bad first impression of something that isn't ready :(
I think the only reason why Nixpkgs has a derivation for Ladybird is because it is not really possible to build Ladybird (or really almost any software) the "obvious" way in NixOS. What Nixpkgs provides is more like build recipes that work within Nix's sandboxed environment with optionally cached binaries, rather than actual packages. Because of that, it's kind of awkward: no specific decision is ever made to publish packages for some unfinished software, it's just that the act of writing a derivation kind of implicitly does do that.
Clearly, some upstreams do not appreciate that NixOS provides non-standard or sometimes-unfinished versions of their software, but it's either that or the software is essentially unusable and uncompilable on NixOS.
I do wonder if there is a potential for productive compromise, though. Maybe it would be desirable to have a QMessageBox warning to the user at startup that the distribution is unsupported and bugs should not be reported upstream. I think that the folks maintaining the Ladybird derivation would be happy to take feedback into account.
excuse my ingnorance, but firefox is also an open source browser afaik. The only advantage that ladybird us is that it turns the duopoly of browser engines into a tri-opoly- so what is the point? Why wouldn't this money be better spent enhancing another browser engine like whatever midori runs on? Why does Ladybird need to exist, and why are so many companies becoming sponsors? Not trying to ruffle feathers, genuinely curious
The Firefox browser is built by the Mozilla organization. Mozilla depends upon funding from Google to survive, and over time, has become used to spending lots of money each year (since it arrives "free" from Google). Should Google turn off that tap, Mozilla and Firefox would very likely struggle to survive.
So, some people feel that it'd be better to have a viable browser that isn't dependent upon Google.
I don't see how ladybird's funding model is fundamentally different, other than Google isn't funding it. The only difference is that ladybird is in it's infancy and still has time to grow into the corpo-money-dependent organization you describe.
Besides, has ladybird even said that they would reject google money if offered it? Or amazon? or any other large corporation that could seriously stifle the free web?
2 years is far away? You must be very young or very close to death I assume...
It doesn't need to be remembered until then. If it matures and gets usable you will read about it again ;)
Colloquially, "or" can but doesn't have to be exclusive. As to your question, being young and close to death are both states that everyone gets to experience (even if not neccessarily knowingly for the latter) but thankfully most of us are spared from experiencing them simultaneously.
I'm curious how they will work. The lead dev made briliant coding / self-work videos, and I'm really wondering coding will happen on this project. I hope we can see more streams :)
- Rootless containers require /etc/subuids to remap uids. Browsers could run subprocesses like rootless containers in addition to namespaces and application-level sandboxing.
- Chrome and Firefox use the same pwn2own'd sandbox.
- Container-selinux and rootless containers and browser tab processes
Honestly, I still love Firefox and I'm a bit skeptical about rewriting everything from scratch when you have a fairly decent codebase. What's the point? Just burning money? You still need to implement the specs.
I had a similar first impression. The previous logo and branding were pretty strong imo even if the SerenityOS and ladybird website was/is a bit scrappy. Very cute little ladybird, and the natural patterns of a ladybug gave a clear visual motif to build from.
People talk about 'polish' in design as a signifier of quality but my mind always goes to conching, the process by which cacao nibs are ground down over days to produce silky chocolate. You need to conch the nibs to grind them past the point that the chocolate has a gritty texture in order to get the nice smooth chocolate we all love, but what the process also does is grind down the sharper notes of the flavour. The further you go the more the deeper and richer notes are lost. So too a design language and brand can be conched to smooth it out for broader consumption, but you can go too far and lose the flavour.
I do like to add raw cacao nibs to my chocolate cakes and I also prefer the old web over much of the offensively inoffensive corportate approved web so maybe there is something to your analogy.
Thanks for posting this. I have to admit, the old design has a lot more charm. The new design is fine, but there is just something timeless about the old design
> This page is not fancy because we are focusing on building the browser. :^)
I sorry to say this, but the new visual style is completely charmless. The most important thing a non-profit oss project needs is a charming visual style. A ladybird for instance is an extremely charming little bug, and it was such a strong choice. This new style is a huge step back compared to it.
I was about to say that it had a reason to look like ass in that they never really worked on it at all to begin with, being focused on the browser, which wasn't even good enough for anything more than dev work, rather than the presentation of it.
But I see now that they actually updated the site.
Thanks for letting us know this extremely important and relevant information about the founder. We need to shut down this project and get him cancelled and permanently banned from the software industry.
Nobody said that. But people should know these things so they can make an informed decision if they want to use and/or contribute to the project. Are you against that?
I’m saying that he should be sentenced to life in prison for his crimes against humanity. Using “he” instead of “they” is unforgivable. All of the source code should be printed out and burned and no one can be allowed to use this evil browser.
I personally like to know whether the software I use/endorse is developed with broad inclusion in mind. It is a pretty solid indicator of thoughtfully-designed software.
A developer assuming, for example (not related to this instance), ~all the users are able-bodied men with perfect vision and motor skills, leads to an inferior product that is guaranteed to alienate people who don't match the "target audience", and those people already experience a life full of being ignored or not getting the same degree of accommodations the majority do.
Using gendered language is just a small facet of the full spectrum of ways that people are excluded (even if it's just to a small degree), and it's nearly effortless to think "yeah, it would be good to use wording that makes sense for any reader of this text", and is simply a kind thing to do. When a developer actively fights against this, I can only imagine their motive is exclusionary and prejudiced, or perhaps just ignorant.
It's disappointing my post was downvoted to oblivion but I'm not surprised. If someone doesn't care about using inclusive language, that's not really a reason to suppress someone raising a concern about it. What is especially surprising/disappointing is that it's flagged, despite being a totally valid "PSA" about the exclusionary stance of the software's founder (at the time of the linked PR -- which I already disclaimed in the OP). The post violates no rules/guidelines and adds value to the conversation.
Regardless of all this, to any dev reading and thinking "why do I care", I would ask, why are you developing software? Fundamentally, it's to provide some value and use to people, right? That value/purpose shouldn't come with the caveat of making someone feel excluded or overlooked. Or, if you only care about providing that value to a certain set of people, at least make that very clear up-front so the rest of us can know to skip over and look for something else.
That's funny. If I interacted with toxic trash like you more often that could actually be pretty applicable advice. In this case though, you're just being an asshole, and you can take your BS elsewhere.
Projection. Look in the mirror and see who is the asshole. You're being an antisocial virtue signalling narcissist. I don't mean it as an insult, it's just an obvious fact. Technically you have some kind of personality disorder. You got flagged for a reason. Everyone else can see it.
Oh for sure, browsers are complex beasts, but Ladybird already supports quite a decent chunk of the web. For an initial alpha (which they explicitly point out to be for developers and early adopters) to still be 2 years away feels a bit far out to me.
The alpha release is intended to be fully functional, in the usual sense of alpha testing. That is ambitious. It's not like a shitty game on Steam (or Star Citizen) where "alpha" means 10% of features completed. That is 30 million lines of complexity due within 2 years. Ignoring lines of code, some of these problems within a browser are time consuming and difficult to solve from scratch.
Brazil's government blocked locals because locals wouldn't remove people from the platform. You could try accessing it via any one of the numerous archive sites such as https://archive.ph/sroUT
We are entering new era of building new competitive things "from scratch" and building them really fast. Powered by LLMs, increased personal productivity, ease to access knowledge, it's just inevitable a lot of better things will be created.
I really appreciate someone taking a stab at a project of this scale, but is it really worth discussing for like the 70th time when even the alpha is two years away?
Open source is great and new things are great and pursuing your passion is great. The rhetoric here however is lacking. Specifically the argument is "google money bad" but the authors don't provide specific examples where google money has caused a technical decision they disagree with.
> No "default search deals", crypto tokens, or other forms of user monetization, ever.
Is avoiding those sorts of things not supposed to be reason enough for them?
Also the page does a good job of specifically mentioning Google and making general statements about what any source of funding can impact. If Google wanted to give an unrestricted donation it's not clear from this page they would decline it.
Here's a short video from Chris Wanstrath announcing our non-profit yesterday, and kicking things off with a $1M donation: https://www.youtube.com/watch?v=k9edTqPMX_k
Happy to answer questions :)