Hey Andreas, currently watching your talk. Really nice so far. I included ladybird in my lecture‘s browser overview which I start giving today. Hope that I can also include it in the top 3 to use browsers in the future. Really looking forward to replace Firefox with Ladybird 😊👍👍
Man you are a living legend, I remember your videos a couple of years ago and you continue to deliver, it's a really outstanding progress, build an OS and a web browser simultaneously, one must be VERY smart to do that. Wish you all the success and wellness.
I just realised that 2:11 is the first time I have actually seen a photo of you head to toe in the 6 years I've known you LOL Great presentation btw :)
BSD or MIT don't make it any easier to "steal", the user is still bound by the license which requires them to attribute the original author if they modify and/or redistribute the code.
@@pseudo_goose sure, but there's proprietary software with GPL licenses out there that have been caught red handed just bc the license says so doesn't mean they'll do
@@FlanPoirot That applies equally to both GPL and more permissive licenses. If they're going to steal/plagiarize, they're going to do it no matter what the license is. GPL doesn't make it somehow easier to catch them / permissive licenses don't make it easier for them to get away with it. On the other hand, the companies that say "no, we can't use GPL" are the same companies that are going to comply with the permissive licenses and provide an "open source credits" page, because they understand it's easier to do that than get negative rep for not complying.
@@pseudo_goose the point of GPL is not "giving credit" it's actually to prevent people from close sourcing the software that's licensed under it. it's quite a radical license in a way. if you're writing a library a permissive license is probably your best bet. but some people make standalone programs and don't want it to ever become close source or have anything to do with that
I think the "don't roll your own crypto" is more around creating a custom crypto algorithm than implementing an existing crypto standard. That's because it is difficult to make a new algorithm secure and requires specialist knowledge. Auditing the crypto software is similar to auditing the other software.
There are still hazards with your own implementation - you can easily reintroduce side-channel attacks that the existing libraries have already been hardened against. But you're right, it is possible to audit, and maybe port some of the PoCs to help find those issues.
@@pseudo_goose Sure, getting an implementation right is hard. However, a lot of the side channel issues tend to involve complex fixes outside of the implementation of specific cryptographic algorithms and associated libraries. Things like varying the time a setTimeout takes, or reducing the time precision of time calls so an attacker cannot infer that a speculative read happened to mitigate things like spectre.
1:00:35 - Lol, if I remember right, the story goes that back in the day, nobody JIT'd javascript code, but Google saw that Google Maps (and/or Google Earth?) were sluggish, so they went and forked Webkit to create Chrome.
Andreas, having been an avid channel viewer over the last few years, I was wondering about you "exporting" Ladybird from SerenityOS, but when one considers Node, you cannot help wondering why you cannot "export" JavaScript in a similar way. That will be one amazing idea as well. Node needs competition.
Well, there is Deno and Bun, that does the same as nodejs. + there is literally a tens (if not hundreds) of JS engines written in various languages. But why don't you, @your_utube create a nodejs platform for SerenityOS?
tbh i dont know any sane web dev who would depend on eval (in the current day), everyone should just deprecate it and consequently remove it from the spec
Nice presentation ❤. The only thing about pure programmers like those in the classroom is they have a hard time making hardware because of their complete lack of practical technical skills. They can't build or make any type of scientific equipment like those in LAM Research, Applied Materials, etc. Without hardware, software is useless. Most of these kids don't understand that.
Your statement is partly true and mostly irrelevant. Most programmers don't need to make hardware or understand electronics; and without software, most hardware is useless too. Depending on the field a programmer is working in, understanding of hardware (CPUs mostly) is helpful but in many fields it is completely irrelevant. I understand that you have knowledge and practical skills in making hardware/electronics (I do too) but your way is not the only legitimate way. There are enough humans on earth - specializing in one field, programming or electronics, is totally ok.
Without software, hardware doesn't run either. There was a breeze about Hardware Acellerated, but the graphic industry meant executed by GPU, nowadays expanded with all kind of FPGA's, TPU's, NPU's and asics.
That little coding session was like a drop of water. We NEED coding videos again!!! ❤
Man, these students are lucky. It's not often you get a talk like this in school.
Hey Andreas, currently watching your talk. Really nice so far. I included ladybird in my lecture‘s browser overview which I start giving today. Hope that I can also include it in the top 3 to use browsers in the future. Really looking forward to replace Firefox with Ladybird 😊👍👍
The answer to why we need Ladybird @28:45 is so important to the entire industry.
Man you are a living legend, I remember your videos a couple of years ago and you continue to deliver, it's a really outstanding progress, build an OS and a web browser simultaneously, one must be VERY smart to do that. Wish you all the success and wellness.
I miss your coding sessions but i understand that now you have a lot of responsibilities since the project growth
I just realised that 2:11 is the first time I have actually seen a photo of you head to toe in the 6 years I've known you LOL
Great presentation btw :)
Leg reveal 2024!
nuts that this stuff is just for free online
Really enjoyed this lecture Andreas. Hoping you get similar invitations in the future
Five BILLION dollars is hard to turn down. Stay strong.
😳
Which timestamp please?
@@NJCOLAS1 5:37
It hasn't happened, but if it does... that'd really be something
@@NJCOLAS1 Pro tip: you can use the Transcript feature on RUclips to search for words.
😂😂😂
Companies being afraid of GPL is a virtue.
yep. it made me smile when he said companies were avoiding taking (stealing) GPL code. it means its working as intended
BSD or MIT don't make it any easier to "steal", the user is still bound by the license which requires them to attribute the original author if they modify and/or redistribute the code.
@@pseudo_goose sure, but there's proprietary software with GPL licenses out there that have been caught red handed
just bc the license says so doesn't mean they'll do
@@FlanPoirot That applies equally to both GPL and more permissive licenses.
If they're going to steal/plagiarize, they're going to do it no matter what the license is. GPL doesn't make it somehow easier to catch them / permissive licenses don't make it easier for them to get away with it.
On the other hand, the companies that say "no, we can't use GPL" are the same companies that are going to comply with the permissive licenses and provide an "open source credits" page, because they understand it's easier to do that than get negative rep for not complying.
@@pseudo_goose the point of GPL is not "giving credit" it's actually to prevent people from close sourcing the software that's licensed under it. it's quite a radical license in a way.
if you're writing a library a permissive license is probably your best bet. but some people make standalone programs and don't want it to ever become close source or have anything to do with that
Did you try using the mold linker to speed up link times?
So inspiring Andreas, keep up the work! I can't even code C++ but maybe one day I can contribute :^)
I think the "don't roll your own crypto" is more around creating a custom crypto algorithm than implementing an existing crypto standard. That's because it is difficult to make a new algorithm secure and requires specialist knowledge. Auditing the crypto software is similar to auditing the other software.
There are still hazards with your own implementation - you can easily reintroduce side-channel attacks that the existing libraries have already been hardened against. But you're right, it is possible to audit, and maybe port some of the PoCs to help find those issues.
@@pseudo_goose Sure, getting an implementation right is hard. However, a lot of the side channel issues tend to involve complex fixes outside of the implementation of specific cryptographic algorithms and associated libraries. Things like varying the time a setTimeout takes, or reducing the time precision of time calls so an attacker cannot infer that a speculative read happened to mitigate things like spectre.
Awesome! Thanks.
1:00:35 - Lol, if I remember right, the story goes that back in the day, nobody JIT'd javascript code, but Google saw that Google Maps (and/or Google Earth?) were sluggish, so they went and forked Webkit to create Chrome.
saw one kid shake there head when you asked if they where familiar with cpp. Must be a java school.
Will Ladybird appear at Web Engines Hackfest this year?
maybe, maybe not, there is no plan
@@kreuner11Singup is currently already open. I hope to see you folks there :)
@@AapoAlas you'd have to discuss with Andreas :^)
Andreas, having been an avid channel viewer over the last few years, I was wondering about you "exporting" Ladybird from SerenityOS, but when one considers Node, you cannot help wondering why you cannot "export" JavaScript in a similar way. That will be one amazing idea as well. Node needs competition.
Well, there is Deno and Bun, that does the same as nodejs. + there is literally a tens (if not hundreds) of JS engines written in various languages. But why don't you, @your_utube create a nodejs platform for SerenityOS?
Duck yeah
Laaaaaaadybiiiiiiird 🐕
1:11:30 that hurts my feelings, more than half of the test suite is simd
;)
tbh i dont know any sane web dev who would depend on eval (in the current day), everyone should just deprecate it and consequently remove it from the spec
Nice presentation ❤. The only thing about pure programmers like those in the classroom is they have a hard time making hardware because of their complete lack of practical technical skills. They can't build or make any type of scientific equipment like those in LAM Research, Applied Materials, etc. Without hardware, software is useless. Most of these kids don't understand that.
Your statement is partly true and mostly irrelevant. Most programmers don't need to make hardware or understand electronics; and without software, most hardware is useless too. Depending on the field a programmer is working in, understanding of hardware (CPUs mostly) is helpful but in many fields it is completely irrelevant. I understand that you have knowledge and practical skills in making hardware/electronics (I do too) but your way is not the only legitimate way. There are enough humans on earth - specializing in one field, programming or electronics, is totally ok.
Without software, hardware doesn't run either.
There was a breeze about Hardware Acellerated, but the graphic industry meant executed by GPU, nowadays expanded with all kind of FPGA's, TPU's, NPU's and asics.