The Ladybird browser project(ladybird.dev) |
The Ladybird browser project(ladybird.dev) |
Is this true?
So, they stay on the bleeding edge if C++ compilers. So in terms of core language features, they are C++20-something.
But, everything is written from scratch, including the standard library.
As such, the code is a lot cleaner than a typical C++ codebase.
However, the thought has also crossed my mind if we're finally seeing fruits of browsers being better standardized on "95%"+ of the popular features -- and if writing a browser today is in fact easier than both writing AND maintaining a browser a decade back. While the web is of course still evolving, it feels more "settled in" than 10-15 years ago.
There's also the factor that past developers didn't have the more complete roadmap set when they initially planned browser design, but now we have huge amounts of web standards already there AND also know how popular they got over time i.e. what to prioritize to support a modern web. One might superficially think there's simply more of everything, but I also think ideas that can be discarded. Just imagine that Internet Explorer had XSLT support, and FTP was common once upon a time!
It would be interesting to hear more about their own thoughts on these topics!
Edit: My bad; XSLT is still commonly supported and by all major browsers but a rarely used feature and stuck in limbo in XSLT 1.0. So it's probably among those things that can be safely omitted for quite some time.
Thanks jug! I'm super proud of all the folks who have worked on it with me :^)
> However, the thought has also crossed my mind if we're finally seeing fruits of browsers being better standardized on "95%"+ of the popular features -- and if writing a browser today is in fact easier than both writing AND maintaining a browser a decade back. While the web is of course still evolving, it feels more "settled in" than 10-15 years ago
This is definitely true! I've worked on browsers on and off since 2006, and it's a very different landscape today. Specs are better than ever and there's a treasure trove of tests available.
If anyone threatens Google position, they can literally throw money at the problem, invent some overcomplicated standard, implement it in Blink, and have the competition chase them. It doesn't need to go through W3C either, if it works in Chrome, all web developers will adopt it and any smaller engine will necessarily have to support it or risk losing whatever little market share they have left.
Having control of the internet now is of greater strategic importance than it was 20-30 years ago when Microsoft was king of the hill.
It is conceptually despicable, especially for devs, but it prevents Google from completely running the show.
Now the European Union is coming after Apple without trying to rein in Google's influence... This seems short-sighted.
This is why we, tech nerds who understand the problem, must resist monopolies: object to using such APIs. Chrome wouldn't be in quite this position if, instead of embracing the monopolist, more techies had warned their non-techy friends and family away from it, like they did with IE.
It's almost as if backwards-compatibility is seen as something to be avoided in certain web dev communities. Lots of "drop support" and "moving forward", zero consideration for simplicity and interoperability.
How is Instagram dependent on whatever Google decides? How is Facebook, TikTok and Snapchat? How are streaming platforms dependent on Chrome? Big businesses with a ton of users easily launch their own apps to sidestep Chrome. And if Chrome makes fundamental breaks of HTML and CSS, then most of the internet is going to be broken in Chrome.
If your bank website stops working in Chrome, they're not going to change their website. They're going to ask you to install another browser.
A decade back, maybe... but decades ago the number of things you had to support was just so much smaller even if you only looked at HTML! Consider https://www.ietf.org/rfc/rfc1866.txt vs https://html.spec.whatwg.org/multipage/
Writing a web browser was hard in the old days for a lot of reasons, but trying to write a full-featured one today is a huge undertaking and we're still adding a bunch of new features all the time and expecting browsers to support them
I thought, oh, that's not so bad. Then I realized what I was looking at was a 10 page index.
Probably not. Yeah we have web standards and some idea of how to architect it, but the total set of APIs and HTML/CSS features a browser supports is probably changing faster than the Ladybird team can actively implement it. The API surface is just impossibly large compared to 10 or 15 years ago. Look at all of these: https://developer.mozilla.org/en-US/docs/Web/API
And that doesn't include the updates to Javascript, MathML, SVG, HTTP-based security features, encryption or media support.
- standards are really detailed at this point and a large reason why the three remaining browser engines (chromium, safari, and firefox) largely do exactly the same things.
- There are a lot of open source components. It's not necessary to start from scratch on things like wasm and javascript interpreters for example. There are some nice low level graphics libraries out there as well. And of course things like Rust are now pretty mature and there's a lot of rust code out there that does stuff that a browser would need.
That being said, it's one hell of a hobby project to take on and I don't see much economical value in an independent implementation of something provided by free by three independent browsers already; two of which are open source.
Which begs the question: why?!? Is there qualitative argument here of doing the exact same thing but somehow better?
1. https://www.webkit.org/blog/14633/get-ready-for-interop-2024...
The idea of being able to ship an XML template with basic logic like for loops alongside the actual XML data source is really unique today. If people cared to use XML at all, that really does cover quite a few use cases that we current reach for JSON + client JS today.
I've been watching the development videos for a year or two, and the speed that this has progressed in such a short time is unbelievable. Now they have multiple volunteers and enough sponsorship to pay more than one developer, it's pretty exciting what could happen here!
I would consider contributing but development is coordinated on Discord and I avoid proprietary software… [1]. It's a shame. Can't blame them though, they are doing it for fun.
[1] https://drewdevault.com/2022/03/29/free-software-free-infras...
" Q: Why bother? You can’t make a new browser engine without billions of dollars and hundreds of staff.
Sure you can. Don’t listen to armchair defeatists who never worked on a browser. "
Nice take.
It's a huge shame that there are no nightly builds of ladybird to try out but I assume that's because they just don't want the bug reports (if everything doesn't work it's pointless getting random bugs filed).
(agreed, it is a credible alternative to Blink's dominance)
And for me there is the question of canvas, threejs, react-three-fiber and react-drei. Is it possible that - especially with mobile - that canvas could be used to provide a better user experience? Who writes games for mobile with a HTML and CSS? Not saying it can't be done, but I wonder how many web sites require HTML & CSS instead of canvas?
A big barrier to browser competition is needing to implement obsolete and outdated technology. Why not just a minimum set of html and canvas.
Just thinking. Your thoughts?
Interview with Andreas Kling of Serenity OS (2022) - https://news.ycombinator.com/item?id=39286638 - Feb 2024 (134 comments)
Related to OP:
Ladybird browser update (July 2023) [video] - https://news.ycombinator.com/item?id=36939402 - July 2023 (1 comment)
Chat with Andreas Kling about Ladybird and developing a browser engine - https://news.ycombinator.com/item?id=36620450 - July 2023 (65 comments)
Shopify Sponsored Ladybird Browser - https://news.ycombinator.com/item?id=36502583 - June 2023 (1 comment)
I have received a $100k sponsorship for Ladybird browser - https://news.ycombinator.com/item?id=36377805 - June 2023 (166 comments)
Early stages of Google Docs support in the Ladybird browser - https://news.ycombinator.com/item?id=33511831 - Nov 2022 (84 comments)
Github.com on Ladybird, new browser with JavaScript/CSS/SVG engines from scratch - https://news.ycombinator.com/item?id=33273785 - Oct 2022 (1 comment)
Ladybird: A new cross-platform browser project - https://news.ycombinator.com/item?id=32809126 - Sept 2022 (473 comments)
Ladybird: A truly new Web Browser comes to Linux - https://news.ycombinator.com/item?id=32014061 - July 2022 (8 comments)
Ladybird Web Browser - https://news.ycombinator.com/item?id=31987506 - July 2022 (2 comments)
Ladybird Web Browser – SerenityOS LibWeb Engine on Linux - https://news.ycombinator.com/item?id=31976579 - July 2022 (2 comments)
Google, on the other hand, provides a web engine with a nice license and reasonable ergonomics that can be used for all sorts of projects. This allows them to execute an EEE strategy:
Embed (into all kinds of projects)
Enforce (moving-target standards of your own making)
Exhaust (any potential competitor/resources that needs to chase after them)
This is why I wish we can get an alternative, OSS, easy-to-embed engine soon.
It's (IMO) very pronounced and hard to avoid on Mastodon.
Discussion: https://news.ycombinator.com/item?id=36502433 (246 points | 7 months ago | 66 comments)
If the language becomes mature enough, and there are people interested enough in doing that porting, it will likely happen.
I think their C++ code is also constrained enough due to the use of their custom standard library that it would be possible to write a transpiler from C++ to Jakt.
I will note though that development on the Jakt language has slowed down significantly. After extremely fast initial development, most Serenity developers no longer contribute to the language. Because everything is done exclusively when the contributors feel like it, development happens in bursts. And right now, Andreas is not actively working on Jakt, so very little improvement is happening there. The main developer working on the language is Ali Mohammadpur, but I don't think he is currently being paid to work on the project. So his contributions are also inconsistent.
What are the chances that this could become a real world usable replacement for chrome or Firefox witching the next couple of years?
I hate what a small group of lazy front-end people have done to our world...
Seems like they're involved in many browser technologies, and other technologies.
It's a religious disagreement.
There are tools which are much more user-friendly than IRC (and even Discord, in some aspects), such as Matrix or Zulip. They easily enough could’ve been more pragmatic picking those instead.
> 2023-06-28: Welcoming Shopify as a Ladybird sponsor
Hmm, no new sponsor since august 2023. Not a good sign. I cheer for them to succeed though!
> #!/usr/bin/env bash
> cd ${HOME}/serenity && ./Meta/serenity.sh run lagom ladybird
I guess you could create a .desktop file that invokes the script, or just the "serenity.sh" script directly.
I also find it curious that they are sponsored by a real estate site (:
"Where are the ISO images?
There are no ISO images. This project does not cater to non-technical users."
This comes off as really abrasive. Wanting an ISO image to quickly test this out is not an indicator of someones technical ability.
I'm sorry I don't want to boot up a linux vm, install a lot of development packages and then build my own boot image just to try this out.
I think that’s often the point with OSS projects, especially those that have an ambitious long term vision. If you “don’t want to boot up a Linux VM” etc, they don’t want you. It’s a filter. It means their concern at the moment is the coherence of their community, not increasing their numbers. It’s the same reason projects like this often have absurdly ugly logos, and landing pages that don’t work on mobile. Fast growth is often seen as destructive when you already have a nice little community vibe. It’s essential to maintain that vibe carefully if you have a long term goal of building something important.
Anyone can set up a pipeline to distribute ISO images though, it's open source.
If it's just for fun, we need to temper our expectations accordingly.
Hello everybody out there using minix -
I'm doing a (free) operating system (just a hobby, won't be big and
professional like gnu) for 386(486) AT clones.Is it really important to answer this question? A lot of widely used software started as "just for fun", e.g. Linux or OpenSSL.
I think tempering our expectations should be the default for Open Source software.
And that having expectations as a end user is still a bit premature.
You can expect the project to move somewhat fast.
He did not even use the C++ standard library, when he says "from scratch" it includes his own string class, for better or worse, which is fine since it's "just for fun", "to learn" etc. And just when you think a library and an OS are crazy, he announced a browser and a JavaScript engine on top. Then a JIT compiler, then Jakt, their own novel programming language, because neither C++ nor Rust is what makes him perfectly happy.
More than his expertise I admire his modesty and kindness - unlike Linus etc. he is not full of himself, and each of his videos gives lots of credit name by name of who did what. A perfect role model for open source.
Also, you would think that having to implement EVERYTHING themselves ( they are making their own image decoders as an example -- inclding SVG ) would slow them down. However, as it is written in a mono-repo from soup to nuts, this allows them to very rapidly add support throughout the stack. They do not have any of the endless conversation and arguing that happens between components in Open Source. They do not have to work around things missing upstream. If they need something, they add it.
I can't imagine how it can be for worse; the standard C++ string library is awful. It makes perfect sense that a super-talented C++ dev would make something better if they have the energy and time.
TBH Jakt defaults to reference counting, which makes it compete more with Swift and Go rather than C/C++/Rust.
Would love to read more details about this, or have a link to a video where he describes and follows the process.
It’s still really impressive but he is not the new kid in town when we talk about developing browsers.
Ladybird also comes with their LibJS runtime, which has good coverage of the JS standards and even manages to implement some new features before the big browsers all get to it.
He claims that authors promoting their open source software on channels like Twitter, Hacker news, LinkedIn or even Github is "selfish and unethical outright":
> Many projects choose to prioritize access to the established audience that large commercial platforms provide, in order to maximize their odds of becoming popular, and enjoying some of the knock-on effects of that popularity, such as more contributions.
> To me, this is selfish and unethical outright, though you may have different ethical standards.
I find Zealotry like this tough, and promotes a definition of FOSS that feels hostile against those who want to simply build something cool, and share it with the world - (or even more controversially, make money from FOSS).
Given such a strong view, it's really surprising that he then posts stuff like "Can I be on your podcast"[1] to try to promote Hare - his programming language.
He didn't ask for podcasts that aren't distributed on platforms like Spotify or Apple Podcasts. In fact - he's right there with several appearances promoting Hare.
That feels like hypocrisy.
[1]: https://drewdevault.com/2023/11/09/Can-I-be-on-your-podcast....
I doubt Drew is against making money from FOSS. He actually runs a business (businesses?) around FOSS.
I don't think it's controversial to make money from FOSS anymore. FOSDEM just happened, many companies making money from FOSS were there, and they are liked. Some specific ways of making money might be less appreciated, but not the whole concept.
People are not silly, they know money helps develop (free) software and also many would love to be paid to work on free software.
> That feels like hypocrisy.
No, that feels like living in an imperfect world and trying to make it better. To improve something, you generally need to be part of it and its imperfections.
Isn't this the exact opposite of zealotry? Zealotry is imposing your ethical standards on others.
Requiring the use of priorietary software to access and discuss it is a problem, and requiring complicated software is not that good either, but it is also possible to use open protocols with multiple software.
(In the specific case of GitHub, they had previously allow viewing files without needing JavaScripts; that has changed now, but the data is included as JSON data within the HTML file, so I was able to write my own much shorter script to substitute for theirs. Of course, that does not help much if you do not have that script, but you can still use the git protocol to download the files, or to use the API (the form for creating a new repository has stopped working on my computer, but I have been able to do so by using the API).)
One thing they do not mention is NNTP, which I think can be a helpful alternative than mailing lists (although you can also have multiple interfaces for the same messages).
Just because you don't necessarily have a solid counterargument to his convictions, doesn't make anything he said "over the top." That's just a disingenuous dismissive attitude towards what is clearly a post on his personal website that builds on established and clearly communicated values (freedom of software.)
There's absolutely nothing in that article that criticises making and sharing free software. It is clearly criticising using a certain type of medium to share free software. If that's zealotry, then any argument against doing anything is, too.
I wager that this hostility felt by these views are projections of guilt, devoid of criticisms towards said views or values. In fact, I'd argue that having no opposition towards a certain ethos then opposing it for frivolous reasons such as personal offence out of a public blog post is as close to hypocrisy as one can get.
That would correspond to the NonFreeNet antifeature in F-Droid [1].
They could update the code they released for good measure though [2].
Running Discord is on another level for me. I would consider accessing a Discord using a Matrix or IRC bridge.
I don't think it'd help much.
- There's been a Cambrian Explosion in the web API surface era. The modern stuff dwarfs the old stuff. Dropping support for older/less frequently used mechanisms does not shed as much code and complexity as you might think.
- Beyond mere surface area, the level of engineering required to implement a sort of "Restricted Core Profile" to a competitive degree (e.g. performance) is quite high, if you're talking true blank-canvas development.
- There's a long tail effect in full force, where even mostly-modern websites will use and rely on some cruft here and there, making very few pages work in your supposed browser.
That is to say, it's still a very large, tough project. But the FOSS community has achieved quite a few large, tough projects; it's not the same as saying that it's not possible, of course.
Please stop following Google who is trying to turn the Web into an OS for their own ad-fueled, user-tracking profit.
If you want to make connected (or not) apps, there's already the Internet and OSes for that. And you don't have to make your interface worse by fighting with the browser about it ! (Especially important for games and other "deep" software.)
The whole point of the Web is to be an hyperlinked collection of documents, sometimes multimedia, with maybe a little bit of interactivity with some forms and scripts sprinkled on that.
(As an example to how incongruous the current situation is, imagine a parallel universe where it was Adobe rather than Google that got humongous, and it was the JavaScript in PDFs that was (ab)used instead to make apps.)
Which ones? I have always exclusively used Firefox and rarely have issues.
The real problem is that firefox is tier 2 support or not even. It's a small percent of users so it's a cost/benefit for these businesses.
A recent issue I had was buying tickets from air india. You can't with firefox... it'll hang at a certain point. Switch to chrome... works perfectly.
The web is dead. It's basically client/server nowadays. Firefox is still my main browser, but I keep chrome/chromium around when I need it.
you mean minor aesthetics differences or functionality? I just use firefox, I don't even have chrome, and everything works. And I use mainstream web, nothing too niche.
I've seen them putting all effort on eye-candy while ignoring that the page only works on "retina" display and then only on Safari.
What happens when you put a percentage height on a row in a table. What happens when an element has a margin that doesn’t fit in its parent. How does adding display: flex effect how text is laid out inside an element.
These are things that Gecko and WebKit/Blink handle differently. Some of them are defined in the spec and have tracking bugs, but some of them just aren’t addressed. I don’t think it’s maliciousness or laziness on anyone’s part, but the web is too complicated for there to be multiple perfectly compatible rendering engines.
This seems like hyperbole, frankly.
What if the goal is to keep the relevant communication channels populated exclusively with technical users?
I've seen F/OSS projects completely overrun with support requests from non-technical users. Is it wrong to want to avoid this from the start?
> it is a credible alternative to Blink's dominance
WebKit -> Chrome
Bun -> Node/Deno
It is good to have competitions in Ecmascript landscape, even though it is currently a duopoly, but with introduction of AWS LLRT, and QuickJS, maybe small player can even have a say so in this. It would be good the big corp comply to the Ecmascript and Web API standard.
Step 2: ????
Step 3: Profit.
Well, it's a tough call. I agree that communicating trough them strengthens them because of the network effect. But if you never reach "unaware" people with your ideas where they are (on those platforms, that is), you are not really helping either.
So it's not clear using those platforms only hurts. It could be a net win, all effects taken in account.
In any case, I agree that you should not force people to use these platforms to follow you.
The main argument for doing it is because it is fun, just as with SerenityOS. Having alternative implementations is never a bad thing for web diversity though.
You can report websites that don’t work in Firefox on webcompat.com and Mozilla web developers will test and diagnose the problem. When possible, they attempt to reach web developers at the site (using personal contacts or referrals when official channels aren’t working) to share the bug report and a suggested fix.
In other cases, Firefox can include a site intervention script to patch the site or send a different browser User-Agent string to make it work.
web should be able to be viewed in any browser and get the same document.
If there are sites that work on Chrome but not Firefox, it just seems to me that either:
- Chrome or Firefox must be breaking web standards
- Web standards must be unspecified for that use case
I have no idea the fix though, the web is so massively complex now, that I don't even know what specifying standards for every use case would involve.
Chrome/Blink has exclusive APIs, that often are not on track to be a standard.
This makes Safari (Webkit) and Firefox (Gecko) look bad, because they end up having to implement the same APIs, and then, maybe, it's standardized. Browser extension APIs come to mind.
I wish the situation was more neat and tidy, but it's not.
That being said I've seen a few people here suggest it's easier to use rust's Rc and Box for everything and treat it like Haskell or Scala. So it might not be so different in practice.
(Though to be fair reference counting can be considered a rather rudimentary way of doing garbage collection.)
Actually, that's kinda an issue I see with those bridges and why I'm not totally comfortable with them. Now, if the bridge is run by the people who set up the closed communication tool in the first place, that's a grey area. That makes them run an open protocol / standard with proprietary software, which is better than nothing. I'm okay with having to reach a proprietary network with some free software. Should I join an XMPP network run with a proprietary implementation that I wouldn't probably even know about it, but at least it has usable open source implementations. That's my take. I would be happier if we could just skip the Discord and use the real thing though.
But you know, I would be fine with you considering I'm not completely coherent. I'm not indeed. I have thresholds higher than those of RMS which makes me less coherent than him on this topic.
But after reading that article, I was definitely left feeling judged because I choose to do exactly the things he's talking about, for exactly the reasons he's suggesting. Maybe that's on me, but I certainly felt his standards imposed on me, disclaimer or not.
Also, given the conviction with which he argues with in the article, that disclaimer feels a little weak -- kinda like when someone says "No offence, but... <very offensive thing>".
It’s even more specific than that though isn’t it? A fanatical belief in a single cause to the exclusion of all else.
The commenter somewhat retracted their use of this word in a sibling comment, but it seems important to me that we don't confuse strong views with zealotry. Drew's views are certainly very strong.
Strong views can be rational and well thought. I even believe they are often the ones that can push the world to a better place. Usually you can even argue with someone yielding strong views if they are rational (unless the person is bad at communication / is an asshole, of course it's possible). Strong views can shake you up and are not always enjoyable.
Zealotry is just plain irrational and dangerous and there's no way you can have a constructive discussion with a zealot.
Right, but that's the hypocrisy, no? He's being rude about people who use github, or post an article on HN, but surely most of those guys are doing just the above. When is it OK to use non-free software and when not? Maybe there's a dividing line you can draw about "platforms".
Let's focus on Drew. I've not seen him mention HN, which by the way doesn't require running non-free software, and he literally runs a free software competitor to GitHub. I've not seen him be rude to people using GitHub. He certainly strongly criticizes them.
I assume he uses GitHub to communicate with projects hosted there. If he does, I don't think he could be blamed for meeting people where they are. He is not arguing about this, he is arguing against hosting non free software on proprietary infrastructure and strengthen it instead of helping strengthen the free software ecosystem. Which he doesn't do. He doesn't host his projects on GitHub.
He could boycott GitHub to make an even stronger point, but I believe that isn't practical at this time when you are part of the open source community. And running a whole GitHub competitor is way more than most people do for this cause. Accepting to reluctantly use GitHub (or Discord, or whatever) and spreading the word against its use is not contradictory.
Hypocrisy would be telling people not to use proprietary infrastructure to manage your free software project, and then hosting on GitHub.
Specifically about podcasts because that's what people seem to take issue with here: podcasts are usually hosted somewhere else, in addition to Spotify. Historically, podcasts are handled with RSS feeds, there's nothing more standard and open than this. It would be wrong to force people to use Spotify to hear his podcast, but that's not the case. He also should accept to be hosted on Spotify. When you are spreading ideas, you should want to reach people who are not yet as aware as you are in your cause. If you stay outside the world you criticize, you don't reach people inside it. And more importantly, he didn't mention Spotify at all; in particular, he didn't say "please host me on Spotify". Podcast ≠ Spotify.
I see hypocrisy nowhere.
Activism is hard, you know. You often need to do compromises for you activism to be efficient. Nobody is perfect. Should you wait to be perfect before making something for your cause?
Sure, Podcast ≠ Spotify, just as Git ≠ Github. But people choose to distribute their code on Github for exactly the same reason the people choose to distribute their podcasts on Spotify - reach.
That exact reach is what Drew argues so articulately against - in fact he expressly calls out marketing on Twitter and Facebook as a "mistake", and damaging against the FOSS community. He goes on to encourage people to prefer open infrastructure with lesser reach, even if that comes at the expense of effectiveness:
> Such projects would prefer to exacerbate the network effects problem rather than risk some of its social capital on a less popular platform. To me, this is selfish and unethical outright.
It's hard to see how that same argument doesn't extend to promoting your software on podcasts which are primarily distributed via Spotify, Apple Podcasts, etc.
On the topic of Activism, I think I'd agree with you, if he was on Spotify podcasts promoting other "Free" podcast platforms.
But he's not - he's promoting a programming language.
Fair call.
I've never had issues loading/using reddit from any browser aside from their annoying "use our app" popups.
1.) Refresh Firefox: Click the menu button with 3 lines -> "Help" -> "More troubleshooting information" -> "Refresh Firefox..."
2.) Check your Enhanced Tracking Protection settings from the Privacy & Security tab in the Settings menu. If it's set higher than Standard, it could be causing sites like reddit, sites that use Cloudflare for protection, etc., to load incorrectly or fail to load entirely.
Ladybird's approach has been to start with a somewhat naive implementation of features, then choose popular websites and apps and just continuously iterate to make them gradually look better, by fixing the parts that stand out. This pragmatic approach means that their supported feature set, while nowhere near 100%, can decently render 90% of websites due to being aligned with the most commonly used features.
They didn't listen or care.
Becoming part of it isn't hard either, if you test software either as a SW engineer on a team or as a full time tester it might actually save you some time :
- If you use Mac, test in Safari first. On any other platform, install Firefox (or the Debian version, or Librewolf) and use it as the first tool to test applications.
- If it doesn't work (and the customer hasn't very explicitly said they absolutely only care about Chrome or IE^CEdge) report it as a bug.
I mean, seriously, who would have accepted a feature that only worked in IE 6?
---------
OK, some people might say: but IE 6 was an old and outdated browser, you cannot compare IE 6, or any version of IE for that matter to Chrome.
Or one might say: Chrome has already won, your idealism is appreciated, but you are too late.
Well, here is the thing: IE was at one point in almost the exact same postition as Chrome is now:
- biggest browser by far
- endorsed (or even enforced) by IT
- lots of features only worked in IE. (I remember one particular customer who seemed to be obsessed with security to the point were we had to keep a VM with Windows XP and IE 8 around with both Active X and Java Applets enabled to sign into them. This was around 2014..! Yes, if you find this notion of security absolutely ridiculous then we agree.)
---------
OK, one key difference:
Back in 2006 when I started fighting IE we had Mozilla on our side. Firefox was innovating like crazy. We had extensions that let us embed IE in a tab to render certain web sites. We could automatically archive a full website for offline access (full rewrite of links so they worked on our copy was included). Full developer tools that everyone knows from every browser these days started out as just an extension to Firefox, named Firebug IIRC.
Today, while I understand that the extension API had to be reigned in before a disaster happened, it went way to far and today we cannot even get a function in the API to programmatically remove the top tab bar when we add a tab bar on the side. And not only that, but if someone asks about that particular issue, someone will come and hush and hide the comment.
So godspeed to Ladybird devs and Orion devs, Librewolf devs and actually even Safari devs and everyone else who challenges the current monopoly!
Elsewhere in this comment section someone literally said they use Chrome because Reddit does not work in Firefox, which is utter nonsense.
Doesn't work since the corporation can just fire you and replace you with someone who has no such objections.
My opinion is that he didn't explicitly ask for the podcasts to be on Spotify or Apple. That Spotify and Apple Podcast are the main way of consuming podcasts is not of his making. And maybe he requests podcasts not to be hosted on those platforms. Maybe not.
But I can see how you may find that there can be some contradiction here.
To me this would be a "you still need to be part of this imperfect world" thing, or a "imperfect activism" thing, but I would totally understand someone disagree with this / find that it's not coherent.
Here's Wikipedia: https://i.imgur.com/IshNWU2.png
Ladybird implements far more web technologies than more well-funded, longer-running alternative browser projects.
Servo themselves say they only pass 55.8% of tests[1]. This thread[2] says Servo doesn't support SVG[2] as of Nov 2022.
[2] https://old.reddit.com/r/browsers/comments/z2d7pr/servo_base...
For the mainstream browser engines, yes, but if you're starting a browser from scratch the amount of stuff you have to implement is massive and cannot be implemented in the span of even a couple of years.
> I was speaking loosely when I said "being rude" - he criticizes them
Ok, we are on the same page. The distinction is important to me :-)
People can change browser more easily than changing banks. They can even have multiple different browsers on their machine, and one for only doing banking.
(At PARC we avoided) putting any externally controlled system, in- house or out, on one's critical path. ... Thus, virtually all the PARC hardware ... and software ... were completely built inhouse by these few dozen researchers.
This sounds disastrous, (because) in programming there is a widespread first order theory that one shouldn't build one's own tools, languages, and especially operating systems. This is true --- an incredible amount of time and energy has gone down these ratholes. On the second hand, if you can build your own tools, languages, and operating systems you absolutely should because the leverage that can be obtained (and often the time not wasted in trying to fix other people's not quite right tools) can be incredible.
One more reason to start from scratch: to get the functionality you want from an existing offering, you would also have to include a lot of other stuff you don't need, resulting in unnecessary complexity and resource consumption.
For Ardour, we feel entirely free to just bring an upstream library into our source tree if we need to. And we also have our dependency stack builder that configures and occasionally patches upstream libraries to be just the way we need them. We do not wait for upstream adoption of our patches.
Most recently, for example, we became aware of impending moves by various Linux distros to remove GTK2, which we rely on. Even though we don't support distro builds, we want Linux maintainers to still be able to build the software, so we just merged GTK2 into our source tree.
This idea that using a 3rd party library becomes some sort of constraint is very, very far from reflecting universal truth. If we need to hack a 3rd party lib to make it do what we need, we just do it. Meanwhile, we get all the benefits of that lib. Ardour depends on about 86 libraries - we would be insane to rewrite all that functionality from scratch.
Considering the vast amount of exploits that continually comes out of media decoders everywhere, this basically guarantees I will never ever use this browser.
Edit: Seems like it's using OpenBSD's pledge API? https://www.youtube.com/watch?v=bpRw6KQnY0k&t=8107s
It’s like crypto, you have to be very deliberate with your choices, and it’s generally ill-advised to roll your own.
There would be absolutely nothing sacrificed by using open source, well-tested libs for image decode.
Just because something is widely used doesn't mean it's more secure (example: libwebp). The security issues tend to happen mostly when creating optimizations that bypass the "obviously secure" way to do things, but rely on an internal state that gets broken by another optimization down the line. This is way less frequent in "smaller" projects, just because they didn't need to go through that round of optimizations yet.
For this question specifically, tho, I think Ladybird is extremely interesting in terms of creating a security-focuses C++ project. Between the constant fuzzing that each part of Ladybird already goes under (courtesy of the OSS-Fuzz initiative), the first-class citizenship of process separation for the different features of the browser, the modern C++ used in Ladybird (that prevents a lot of the issues cropping up in commonly used media decoding libraries), the overall focus on accuracy over performance in library implementations, and the compiler-level sanitatization utils (UBSAN, ASAN) that are enabled-by-default, I think it's less likely that an critical security-impacting bug would exists in Ladybird's .ico support than in Webkit's for example.
Don’t get me wrong, how far they’ve gotten is very laudable and as a educational exercise it is really cool, but it starts being a pretty massive risk if users start using this as a daily driver.
Small scrappy team writing simple and consice code from scratch is likely to produce fewer bugs than enterprisey monstrosities.
I think you have a fundamental misunderstanding of the goals of the EU in this matter. The objective is not to keep both companies on even keel, but it is merely about enforcing existing anti-monopoly laws. If this results in Google gaining a de-facto browser monopoly then those same laws can be used to break up that monopoly when we get to it.
What would be the alternative in your opinion? Allow Apple to break the monopoly laws in hope that they will be able to rein in the growth of the Google browser? What good is a law if it will not be enforced?
Force Apple to allow alternative rendering engines, but only the ones with <50% market share. This would promote diversity in rendering engines without giving what is already by far the most dominant rendering engine the opportunity to get more of a stranglehold over the market.
People already mistake Blink-only APIs like Web USB, Web Bluetooth, Web MIDI, etc. for web standards. The market is already dangerously close to where it was 20 years ago, where a vast number of web developers treat the most popular rendering engine as if it’s synonymous with the web. Handing more opportunities for market share to Blink is playing with fire.
You want Apple to allow Gecko or Ladybird? Sounds great! But the monopoly that threatens the web at the moment is Blink.
That means no more “download Chrome” prompts on Google search and YouTube, no pestering people to install Chrome when tapping links in Google iOS apps, no bundling of Chrome in installers of unrelated software (very common on Windows), etc.
Some sort of rule against favoring one’s own browser in web apps (as has happened with GSuite and YouTube on multiple occasions) would also be nice but unfortunately strikes me as unlikely.
It would be nice if there were more alternatives, but I can't really expect anyone to spend the resources necessary. I don't think crippling chrome for some kind of sense of "fairness" is a productive solution.
That's just playing sides.
It's never ever that simple in politics, and this is about a new law (Digital Markets Act). Ask yourself:
- How were all the terms in the Digital Markets Act determined?
- Which players or initiatives were able to scoot by unnoticed (e.g. Chrome's grip on web standards)?
- What is the interpretation of what constitutes a gatekeeper? (note: its actually 'gatekeeper' not monopoly we're talking about).
- Who will decide whether Apple's changes are in compliance?
It can be true that their aims are generally to have more fairness in the market, but there's always going to be other factors at play in this kind of legislation. Note that the DMA was written in a way that allowed Europe-based Spotify and Booking.com to avoid being labeled gatekeepers.
Booking.com is registered in the US...
At the very least, if the EU really wants to limit the tech giants' grip on the web, it needs to fund independent open source web engine development handsomely; their pockets are more than deep enough and projects like ladybird and servo can use the extra resources.
You're misunderstanding the goals of the EU. The EU only cares about limiting their grip as a result of their main goal. The main goal of the EU is to protect the rights of their citizens, which they do by enforcing existing anti-monopoly laws.
The EU has in principle no problem with a company gaining giant market share by providing a successful service or product. There would be no problem if Google or Apple would gain 99% market share by everybody voluntarily choosing their product. But it is a problem if they then use that marketshare to make it harder for competitors to compete.
I.e.: you're wrong to say that they're trying to minimise the 'grip' they have. They are merely trying to prevent companies abusing that grip.
That being said; I'm pretty sure that the EU does actually fund a lot of open source development
The performance improvements are nice, but trying to make a Firefox another Chromium skin irks me. Plus I still miss the official compact mode.
That's the problem. They should go after Google too. Honestly all of these megacorporations should be broken up.
> In addition, apps that use alternative browser engines — other than Apple’s WebKit — may negatively affect the user experience, including impacts to system performance and battery life.
https://www.apple.com/newsroom/2024/01/apple-announces-chang...
I'd like to take issue with this statement...its spyware, and its atrocious to modify. You can't slim down a chrome browser, and it can force you to do whatever it wants to...
It's actually really, really bad...
Otherwise how would new/better stuff ever get built?!
> Otherwise how would new/better stuff ever get built?!
The problem here is that people are salivating to use this as their daily driver. When WireGuard was still in development, everyone got told in very strong terms to not use it in any setting that required actual security.
Browsing the web at large is sort-of hostile by default.
Ladybird is a great project, and I hope it keeps developing, but any user that thinks their media decode libraries will be bulletproof libs free of vulnerabilities are nuts.
Perhaps a few devs have nowhere near the required escape velocity to create vulnerabilities before they can be fixed, nor the pressure of PMs to ship substandard code?
Sure. And its a high bar to challenge the same or better vulnerability profile that the established players have. But a "small scrappy team" which is capable of doing everything this team has done certainly garners a lot of confidence that the bar is possible.
Spotify is definitely no money maker. That said, its market share alone would/should put it in the crosshairs of gatekeeping laws.