Internet Archive

Andreas Kling steps down from SerenityOS to focus entirely on the Ladybird browser

We’ve got some possibly sad, possibly great news. Today, Andreas Kling, the amazing developer who started SerenityOS as a way to regain a sense or normalcy after completing his drug rehab program, has announced he’s stepping down as the ‘big dictator for life’ of the SerenityOS project, handing leadership over the maintainer group. The other half of the coin, however, is that Kling will officially fork Ladybird, the cross-platform web browser that originated as part of SerenityOS, turning it into a proper, separate project. Personally, for the past two years, I’ve been almost entirely focused on Ladybird, a new web browser that started as a simple HTML viewer for SerenityOS. When Ladybird became a cross-platform project in 2022, I switched all my attention to the Linux version, as testing on Linux was much easier and didn’t require booting into SerenityOS. Time flew by, and now I can’t remember the last time I worked on something in SerenityOS that wasn’t related to Ladybird. ↫ Andreas Kling If you know a little bit about Kling’s career, it’s not entirely surprising that his heart lies with working on a browser engine. He originally worked at Nokia, and then at Apple in San Francisco on WebKit, and there’s most likely some code that he’s written in the browser you’re using right now (except, perhaps, for us Firefox users). As such, it makes sense that once Ladybird grew into something more than just a simple HTML viewer, he’d be focusing on it a lot. As part of the fork, Ladybird will focus entirely on Linux and macOS, and drop SerenityOS as a target. This may seem weird at first, but this is an entirely amicable and planned step, as this allows Ladybird to adopt, use, and integrate third party code, something SerenityOS does not allow. In addition, many of these open source projects Ladybird couldn’t really use anyway because they simply didn’t exist for SerenityOS in the first place. This decision creates a lot of breathing room and flexibility for both projects. Ladybird was getting a lot of attention from outside of SerenityOS circles, from large donations to code contributions. I’m not entirely surprised by this step, and I really hope it’s going to be the beginning of something great. We really need new and competitive browser engines to push the web forward, and alongside Servo, it now seems Ladybird has also picked up the baton. What this will mean for SerenityOS remains to be seen. As Kling said, he hasn’t really been involved with SerenityOS outside of Ladybird work for two years now, so it seems the rest of the contributors were already doing a lot of the heavy lifting. I hope this doesn’t mean the project will peter out, since it has a certain flair few other operating systems have.

This message does not exist

The act of discarding a message that does not exist must therefore do one of two things. It may cause the message contents to also cease to exist. Alternately, it might not affect the existence but only the accessibility of message contents. Perhaps they continue to exist, but discarding the message (which already did not exist) causes the copy operation to cease being invokable on the message contents (even though they do continue to exist). The story of existence has many mysteries. ↫ Mark J. Nelson The one question that can really break my brain in a way that is feels like it’s physically hurting – which it can’t, because, fun fact, there’s no pain receptors in the brain – is the question what exists outside of the universe? Any answer you can come up with just leads to more questions which just lead to more questions, in an infinite loop of possible answers and questions that the human mind is not equipped to grasp. Anyway, it turns out using Outook can lead to the same existential crises.

Servo sees another month full of improvements

Servo, the Rust-based browser engine originally started by Mozilla but since spun off into an entity under the umbrella of the Linux Foundation, has published another monthly update. As almost every month, there’s been a lot of progress on rendering tech I don’t quite understand, and further improved support for various standards. Another major focus is the ongoing font system rework, which is yielding not only vastly improved support for font rendering options, but is also reducing the memory load. The example browser included in Servo is also making progress, from reducing the amount of errors on Windows, to implementing support for using extra mouse buttons to go back and forward, and showing the link desination when hovering the mouse over a link.

Bing went down, and lots of people discovered alternative search engines are whitelabel versions of Bing

It turns out way fewer people knew search engines like DuckDuckGo are just whitelabel versions of Microsoft Bing than I thought. Today, in most of Europe and Asia, search engines like DuckDuckGo, Ecosia, Qwant, other alternative search engines, ChatGPT internet search, and even Windows Copilot were all down. It turns out the culprit was Microsoft Bing; and when Microsoft Bing goes down, everyone who uses it goes down too. Alternative search engines often try to be vague about their whitelabel status, or even outright hide it altogether. Bing is a popular search engine for whitelabeling, so when Bing goes down, almost the entire house of cards of alternative search engines comes tumbling down as well. DuckDuckGo, for instance, places a lot of emphasis on using specialised search engines like TripAdvisor and direct sources like Sportradar or Wikipedia, as well as its own crawler and other indexes. However, as we saw today, as soon as Bing goes down, DuckDuckGo just stops working entirely. DDG happens to be my main search engine – a case of less shit than everyone else – so all throughout the day I was met with the error message “There was an error displaying the search results. Please try again.” I don’t begrudge DDG or other search engines for repackaging Bing search results – building a truly new search engine and running it is incredibly hard, costly, and you’ll always be lagging behind – but I was surprised by how many people didn’t know just how common this practice really was. My Fediverse feeds were filled with people surprised to learn they’d been using Bing all along, just wrapped in a nicer user interface and with some additional features.

Slack users horrified to discover messages used for “AI” training

After launching Slack AI in February, Slack appears to be digging its heels in, defending its vague policy that by default sucks up customers’ data—including messages, content, and files—to train Slack’s global AI models. ↫ Ashley Belanger at Ars Technica I’ve never used Slack and don’t intend to ever start, but the outcry about this reached far beyond Slack and its own communities. It’s been all over various forums and social media, and I’m glad Ars dove into it to collect all the various conflicting statements, policies, and blog posts Slack has made about their “Ai” policies. However, even after reading Ars’ article and the various articles about this at other outlets, I still have no idea what, exactly, Slack is or is not using to train its “AI” models. I know a lot of people here think I am by definition against all forms of what companies are currently calling “AI”, but this is really not the case. I think there are countless areas where these technologies can make meaningful contributions, and a great example I encountered recently is the 4X strategy game Stellaris, one of my favourite games. The game recently got a big update called The Machine Age, which focuses on changing and improving the gameplay when you opt to play as cybernetically enhanced or outright robotic races. As per Steam’s new rules regarding the use of AI in games, the Steam page included the following clarification about the use of “AI”: We employ generative AI technologies during the creation of some assets. Typically this involves the ideation of content and visual reference material. These elements represent a minor component of the overall development. AI has been used to generate voices for an AI antagonist and a player advisor. ↫ The Machine Age Steam page The game’s director explained that during the very early ideation phase, when someone like him, who isn’t a creative person, gets an idea, they might generate a piece of “AI” art and put it up on an ideation wall with tons of other assets just to get the point across, after which several rounds of artists and developers mould and shape some of those ideas into a final product. None of the early “AI” content makes it in the game. Similarly, while the game includes the voice for an AI antagonist and player advisor, the voice actors whose work was willingly used to generate the lines in the game are receiving royalties for each of those lines. I have no issues whatsoever with this, because here it’s clear everyone involved is doing so in an informed manner and entirely willingly. Everything is above board, consent is freely given, and everybody knows what’s going on. This is a great example of ethical “AI” use; tools to help people make a product, easier – without stealing other people’s work or violating various licenses in the process. What Slack is doing here – and what Copilot, OpenAI, and the various other tools do – is the exact opposite of this. Consent is only sought when the parties involved are big and powerful enough to cause problems, and even though they claim “AI” is not ripping anyone off, they also claim “AI” can’t work without taking other people’s work. Instead of being open and transparent about what they do, they hide themselves behind magical algorithms and shroud the origins of their “AI” training data in mystery. If you’re using Slack – and odds are you do – I would strongly consider urging your boss to opt your organisation out of Slack’s “AI” data theft operation. You have no idea how much private information and corporate data is being exposed by these Salesforce clowns.

Running NetBSD on OmniOS using bhyve

I want to run GoToSocial on some *BSD system. Because I am who I am, I went for using NetBSD 10.0 . And because my hypervisor is running bhyve on OmniOS , you get the title of this blog post. Don’t get too anxious, it is quite straightforward. So let the journey begin. ↫ Joel Carnat Bhyve is a hypervisor originating from FreeBSD, while OmniOS is a distribution of illumos, a continuation of the last open source Solaris release from Oracle. GoToSocial, meanwhile, is an ActivityPub social network server, so it belongs in the same family as Mastodon, Glitch, Akkoma, and countless others. This guide makes this whole process look like a piece of cake, so if you’ve ever been interested in running your own ActivityPub server – read on. On a slightly related sidenote, there’s no OSNews AT instance, partly because I don’t want to deal with the moderation and costs, and partly because I’m incredibly happy being a member of Exquisite, a Glitch instance running on OpenBSD, managed by OpenBSD enthusiasts. Never say never, of course, but the odds of seeing an OSNews AT instance in the future are very slim.

Dillo 3.1.0 released: first release since 2015

Do any of you remember the browser Dillo? The project’s been through a rough few years after the main developer of the layout engine sadly passed away, the lead developer disappeared from the project, the dillo.org domain was lost and taken over by spammers – but now there’s new people at the helm, and the browser just released it first new version since 2015. Dillo 3.1.0 brings a whole host of new features and improvements. Dillo is open source, uses the FLTK toolkit, and runs on Linux, BSD, MacOS, Windows (Cygwin), and more.

What we learned inside a North Korean internet server

A misconfigured North Korean Internet cloud server has provided a fascinating glance into the world of North Korean animation outsourcing and how foreign companies might be inadvertently employing North Korean companies on information technology (IT) projects. The incident also underlines how difficult it is for foreign companies to verify their outsourced work is not potentially breaking sanctions and ending up on computers in Pyongyang. ↫ Martyn Williams at 38 North What an absolutely wild story.

They’re looting the internet

This is the state of the modern internet — ultra-profitable platforms outright abdicating any responsibility toward the customer, offering not a “service” or a “portal,” but cramming as many ways to interrupt the user and push them into doing things that make the company money. The greatest lie in tech is that Facebook and Instagram are for “catching up with your friends,” because that’s no longer what they do. These platforms are now pathways for the nebulous concept of “content discovery,” a barely-personalized entertainment network that occasionally drizzles people or things you choose to see on top of sponsored content and groups that a relational database has decided are “good for you.” ↫ Edward Zitron Corporate social media has gotten so bad, they’re basically unusable. The rare times I open Facebook to like a picture my mother posted or whatever, I’m just gobsmacked by how utterly unusable it has become. I’ve never used Instagram, but whenever I accidentally end up there, I have no idea how to navigate that place. YouTube is more ads than video if you don’t pay for Premium (which I do, because I use YouTube a lot so I get enough value out of it). Twitter is barely worth a mention – it’s no surprise that a social network bought and run by a nazi is now even fuller of nazis than it already was. It’s not just social networks, either. The web as a whole feels like it’s been looted and plundered, and turned into a flyover state strip mall. Browsing the web is, for me at least, virtually impossible without autoplay blockers, my Pi-Hole, Consent-O-Matic, and settings to permanently block requests for location and notification access. The rise of “AI” has only made everything even worse, especially now that the big, wealthy content networks that, yes, own all your favourite technology news websites are also looking into it. Luckily, there’s also a countermovement brewing. I’ve focused OSNews’ entire “social” strategy on Mastodon (and the various other ActivityPub tools), as it’s the only social medium that’s usable and enjoyable. With the nazis remaining on Twitter, and all the brands and influencers on Facebook (or Threads or whatever), everyone else interested in technology coalesced around the Fediverse, and it’s been a massive boon for a small website like OSNews trying to steer clear from all the SEO enshittification. There’s no spam, only relatively small, approachable brands, no influencers, no algorithms – just real, ordinary people, who also care about a usable, fair, and equitable web. I hope that OSNews can eventually be run without any ads at all, but that’s going to take a lot more consistent work from me to convince more and more people to support us through Patreon or Ko-Fi, or for companies to become sponsors. However, I am convinced it’s a better route to take than trying to chase the SEO dragon, because we all know where that leads to.

Do not use Kagi

For quite a while now, you might have noticed various people recommending a search engine called “Kagi”. From random people on the internet, to prominent bloggers like John Gruber and David Pierce, they’ve all been pushing this seemingly new search engine as a paid-for alternative to Google that respects your privacy. Over the past few months to a year, though, more and more cracks started to appear in Kagi’s image, and I’ve been meaning to assemble those cracks and tie a bow on them. Well, it turns out I don’t have to, because lori (I’m not aware of their full name, so I’ll stick to lori) already did it for me in a blog post titled “Why I lost faith in Kagi“. Even though I knew all of these stories, and even though I was intending to list them in more or less the same way, it’s still damning to see it all laid out so well (both the story itself, as well as the lovely, accessible, approachable, and simple HTML, but that’s neither here nor there). Lori’s summary hits on all the pain points (but you should really read the whole thing): Between the absolute blase attitude towards privacy, the 100% dedication to AI being the future of search, and the completely misguided use of the company’s limited funds, I honestly can’t see Kagi as something I could ever recommend to people. Is the search good? I mean…it’s not really much better than any other search, it heavily leverages Bing like DDG and the other indie search platforms do, the only real killer feature it has to me is the ability to block domains from your results, which I can currently only do in other search engines via a user script that doesn’t help me on mobile. But what good is filtering out all of the AI generated spamblogs on a search platform that wants to spit more AI generated bullshit at me directly? Sure I can turn it off, but who’s to say that they won’t start using my data to fuel their own LLM? They already have an extremely skewed idea of what counts as PII or not. They could easily see using people’s searches as being “anonymized” and decide they’re fine to use, because their primary business isn’t search, it’s AI. ↫ lori at lori’s blog The examples underpinning all these pain points are just baffling, like how the company was originally an “AI” company, made a search engine that charges people for Bing results, and now is going full mask-off with countless terrible, non-working, privacy-invasive “AI” tools. Or that thing where the company spent one third of their funding round of $670,000 on starting a T-shirt company in Germany (Kagi is US-based) to print 20,000 free T-shirts for their users that don’t even advertise Kagi. Or that thing where they claimed they “forgot” to pay sales tax for two years and had to raise prices to pay their back taxes. And I can just keep on going. To make matters worse, after publication of the blog post, Kagi’s CEO started harassing lori over email, and despite lori stating repeatedly they wanted him to stop emailing them, he just kept on going. Never a good look. The worst part of it, though, is the lack of understanding about what privacy means, while telling their users they are super serious about it. Add to that the CEO’s “trust me, bro” attitude, their deals with the shady and homophobic crypto company Brave, and many other things, and the conclusion is that, no, your data is not safe at Kagi at all, and with their primary business being “AI” and not search, you know exactly what that means. Do not use Kagi.

Beeper leaves beta, acquired by Automattic

If you haven’t already heard of Beeper, welcome! Beeper is a universal chat app for Android, iOS and desktop. Our goal is to build the best chat app on earth. Beeper is built on an open source chat protocol called Matrix. Over time, we’ll help people migrate from proprietary, siloed chat networks to an open standard for chat. If you’re interested in learning about this, we’ve written more about our intentions. ↫ Beeper team Beeper is just great. Because I’m European and have ties to two different countries with vastly different chat preferences, as well as a number of friends living all over Europe and the US, I’ve always had to deal with at least four different instant messaging applications. Beeper, and especially the recent completely redesigned Android version, is so good and seamless that I no longer need to use the individual applications at all. It’s not perfect – the new Android version (the iOS version is old and outdated compared to the Android one) still has some issues. If you receive a video and play it, it doesn’t maximise unless you perform a very delicate zoom in pinch. Sometimes, sending video fails. Some emoji replies on some services look huge and pixellated. I’m sure these are all relatively low-hanging fruit types of bugs that’ll get fixes over the coming weeks and months now that the application is out of beta. However, the actual core of the application has been working amazingly well for me. Beeper also has another major announcement. I’m excited to announce that Beeper has been acquired by Automattic. This acquisition marks the beginning of an exciting new chapter as we continue our mission to create the best chat app on earth. ↫ Eric Migicovsky Automattic is the company behind WordPress, Tumblr, Pocket Casts, and a whole load of other products and services. Beeper seems like a good fit, since Automattic recently also acquired Texts.com, another multi-platform messaging client.

Embedding the Servo web engine in Qt

I’ve been talking about Servo, the Rust browser engine project originally started at Mozilla, for a while now, and while the project’s still got a long way to go, it’s definitely a serious contender to become a competitive browser engine in the future. It seems it’s starting to get some traction already, as The KDAB Group is working on bringing Servo to Qt. At KDAB we managed to embed the Servo web engine inside Qt, by using our CXX-Qt library as a bridge between Rust and C++. This means that we can now use Servo as an alternative to Chromium for webviews in Qt applications. ↫ Andrew Hayzen and Magnus Groß They’re already showing off a basic QML application rendering websites using Servo, which is pretty cool. It goes to show that Servo can definitely eventually fulfill the role that Chromium, WebKit, and Gecko fulfill now.

A deep dive into email deliverability in 2024

On October 3, 2023, Google and Yahoo announced upcoming email security standards to prevent spam, phishing and malware attempts. Outlook.com (formerly Hotmail) is also enforcing these policies. With the big 3 Email Service Providers (ESP) in agreement, expect widespread adoption soon. Today’s threats are more complex than ever and more ESPs will begin tightening the reigns. Failure to comply with these guidelines will result in emails being blocked beginning April 2024. In this article, we’re going to cover these guidelines and explain what senders must do in order to achieve and maintain compliance. ↫ XOMedia Some of these changes – most of them impact bulk senders and spammers – should’ve been implemented ages ago, but seeing them being pushed by the three major email providers, who all happened to be owned, of course, by massive corporations, does raise quite a few red flags. Instinctively, this makes me worried about ulterior motives, especially since running your own email server is already fraught with issues due to the nebulous ways Gmail treats emails coming from small servers. With the rising interest in self-hosting and things like Mastodon, I hope we’re also going to see a resurgence in hosting your own e-mail. I really don’t like that all my email is going through Gmail – it’s what OSNews uses – but I don’t feel like dealing with all the delivery issues people who try self-hosting email lament about. With a possible renewed wave of interest in it, we might be able to make the process easier and more reliable.

Servo: tables, WOFF2, and more

This month, after surpassing our legacy layout engine in the CSS test suites, we’re proud to share that Servo has surpassed legacy in the whole suite of Web Platform Tests as well! ↫ Servo blog Another months, another detailed progress report from Servo, the Rust browser engine once started by Mozilla. There’s a lot of interesting reading here for web developers.

Floorp Firefox fork makes its modifications closed source due to forks

Update: a short notice on the blog post now reads that “Floorp’s code is now fully public again.” It seems the developer has reversed course, which is good news. The original article continues below. Recently, a few people suggested I give the browser Floorp a try, a Firefox fork with some additional UI changes and additions. Since it was based on Firefox ESR, however, I saw no point in even trying it, because I prefer to be on the latest Firefox release. It seems I accidentally made the right choice, since yesterday the developers behind Floorp decided to take their modifications closed source. The appearance of Floorp forks – which, may I remind you, is a fork itself – seems to be the cause. I know it’s not nice of me to say, but Floorp has been in too much demand. It am surprise to me that companies and organizations would fork a fork that I had created when I was still a teenager, and at first I was happy about it, but it was not beneficial to me, and on the contrary, it was mentally draining. There were forks that wanted to hide the fact that they were Floorp forks, forks that did not want to contribute to Floorp at all, forks that used the code for life and just changed the name of Floorp, and many other forks were born. ↫ Floorp blog It seems the developer of Floorp is rather young, and started the project as a teenager, and as such, I don’t think we should be too harsh on them – I did some dumb things as a teenager – but complaining about forks of your own fork seems a bit disingenuous, regardless of how young and inexperienced you are. I understand seeing your work forked into competing browsers can be frustrating, but it’s a core part of the open source world, especially if you yourself owe your product to forking, too.

Wikipedia no longer considers CNET a “generally reliable” source after “AI” scandal

Remember last year, when we reported that the Red Ventures-owned CNET had been quietly publishing dozens of AI-generated articles that turned out to be filled with errors and plagiarism? The revelation kicked off a fiery debate about the future of the media in the era of AI — as well as an equally passionate discussion among editors of Wikipedia, who needed to figure out how to treat CNET content going forward. Gerard’s admonition was posted on January 18, 2023, just a few days after our initial story about CNET‘s use of AI. The comment launched a discussion that would ultimately result in CNET’s demotion from its once-strong Wikipedia rating of “generally reliable.” It was a grim fall that one former Red Ventures employee told us could “put a huge dent in their SEO efforts,” and also a cautionary tale about the wide-ranging reputational effects that publishers should consider before moving into AI-generated content. ↫ Maggie Harrison Dupré Excellent response by Wikipedia. Any outlet that uses spicy autocomplete to generate content needs to be booted off Wikipedia.

Tumblr and WordPress owner is striking deals with OpenAI and Midjourney for training data, says report

Speaking of collecting data, here’s another major content player signing a deal to sell your content to “AI” companies. The owner of Tumblr and WordPress.com is in talks with AI companies Midjourney and OpenAI to provide training data scraped from users’ posts, a report from 404 Media alleges. The report, based on an anonymous source inside the company, says that deals between Automattic and the two AI companies are “imminent.” It follows nebulous rumors that have spread on Tumblr over the past week, suggesting a deal with Midjourney could provide a new revenue stream for the site. ↫ Adi Robertson at The Verge We use WordPress for OSNews, but it seems this only applies to content hosted at WordPress.com, not on WordPress installations hosted elsewhere. If you host a site at WordPress.com, you might want to go to your admin panel and opting-out of this nonsense real fast.

Meta will start collecting “anonymized” data about Quest headset usage

Meta will soon begin “collecting anonymized data” from users of its Quest headsets, a move that could see the company aggregating information about hand, body, and eye tracking; camera information; “information about your physical environment”; and information about “the virtual reality events you attend.” In an email sent to Quest users Monday, Meta notes that it currently collects “the data required for your Meta Quest to work properly.” Starting with the next software update, though, the company will begin collecting and aggregating “anonymized data about… device usage” from Quest users. That anonymized data will be used “for things like building better experiences and improving Meta Quest products for everyone,” the company writes. ↫ Kyle Orland at Ars Technica Is it just me, or is the idea of Facebook collecting this type of data in particular just exceptionally creepy? I mean, browsing history or whatever is one thing – already bad enough – but hand, body, and eye movements, and camera information? Of course, this was the only expected course for Quest owners, but now that the time is here, it still feels just as creepy as when we first imagined it when Facebook bought Oculus.

The surprising truth about pixels and accessibility

Should web developers use pixels or ems/rems for accessible fonts? It’s an emotionally-charged question because there are a lot of conflicting opinions out there, and it can be overwhelming. Maybe you’ve heard that rems are better for accessibility. Or maybe you’ve heard that the problem is fixed and pixels are fine? The truth is, if you want to build the most-accessible product possible, you need to use both pixels and ems/rems. It’s not an either/or situation. There are circumstances where rems are more accessible, and other circumstances where pixels are more accessible. ↫ Joshua Comeau The linked article isn’t just an explanation of why, but also a tutorial.