Show HN: Browse HN Together in Three.js (threejs-example.hyperbeam.com)

268 points by declan_g ↗ HN
Hey HN,

We’re Philip, Amby, and Declan, and we made “multiplayer virtual computers” that you can embed anywhere, including 3D spaces. We decided to build this because we noticed that embedding third-party apps and websites can be a nightmare due to incompatible platforms, security issues, and poor UX. Adding multiplayer functionality to these embeds makes this problem exponentially more difficult.

On the backend, we’re spinning up a VM and running a resource-optimized fork of Chromium which we then stream to participants via WebRTC. Since we’re hosting the servers running the applications, multiple users can connect and control the virtual computer seamlessly, and their client just needs to handle a video stream.

If you want to add multiplayer virtual computers to your own app, you can sign up on https://hyperbeam.com/?ch=hn&cm=hn1, grab a free API key, and throw the provided embed URL in an iframe in your app.

You can also play around more with the Three.js demo in our interactive sandbox: https://app.sideguide.dev/hyperbeam/threejs/

If you have any questions or feedback, feel free to comment or shoot me an email at declan@hyperbeam.com.

Thanks!

Docs: https://docs.hyperbeam.com Discord: https://discord.gg/D78RsGfQjq

138 comments

[ 3.1 ms ] story [ 183 ms ] thread
Hi HN! Happy to answer any questions you have about the demo and the tech.
1. This is genuinely impressive. It's a solid example of the reason I visit HN. Kudos to your team. 2. I'm genuinely curious how you anticipate folks using this. The watch-party use case is interesting but it's a crowded space and people are not likely lining up to pay. It seems like hilarious overkill for content embedding. I'm wondering what the killer app is? In the most optimistic way possible.

It's almost like it's so far ahead, I worry that people won't know what to do with it. It's like the "what would you do with infinite bandwidth" problem... even smart people tap out creatively depressingly quickly.

Thanks! > I'm wondering what the killer app is? In the most optimistic way possible We're in the process of figuring it out, but we believe the interactive aspect is super powerful.

Our landing page (https://hyperbeam.com) showcases some of our happy customers.

You mentioned on your website that you have an android emulator, but I couldn't find more details. Do you have a demo URL for the android emulator? I'd love to check it out!
We're still building it out. In the meantime, there are alternatives like https://anbox-cloud.io/ which you can try.

Is there any use-case you have in mind? We're struggling to find people that want android emulators.

We at appmaker.xyz helps Shopify merchants to create native mobile apps without coding. An online emulator will help us to show a preview/demo in the browser. Currently, we're using appetize.
Wow, super cool stuff. Would love to know more about the server-side architecture and how you handle security in your VMs. Also, loved the interactive sandbox demo.
Thanks! Is there anything specific you want to learn more about? At a high level we run a fork of Chromium in the cloud, capture the desktop using gstreamer and stream it back to everyone using Mediasoup.

The folks at SideGuide made the interactive demo for us — we love it too.

Very cool! Is gstreamer used end to end? Mostly curious if you are using CEF (via cefsrc) and webrtcbin, or if you handled the input and output differently.
Thanks! Actually it's neither: we run full Chromium rather than CEF and Mediasoup for webrtc. We have looked into webrtcbin as well, but it wasn't the best fit for us.
Interesting! I've been using webrtcbin for some production work but it's been broadcasting of low latent internally used video with no user input back. I've seen demos of user input with webrtcbin, but have never done it in practice. If you can, do you mind sharing why webrtcbin wasn't a good fit for you (or why MediaSoup was better)?
webrtcbin is nice for one-to-one, but we were looking for something that's a better fit for one-to-many, which is where mediasoup came in. That being said, mediasoup is quite complex from a maintainability perspective since it's designed to handle several use cases, so we plan on making our own webrtc streaming solution in the future that's designed with only one-to-many in mind
Cool stuff guys!!!
This is awesome!

Is there a way to get this to work on mobile? Tried on safari and chrome

Thanks! Yes, it works on mobile too.

When using the API you can set a specific height and width to resize the virtual computer. Additionally, we track touch events and you can drag-and-drop on devices like iPads.

Happy to chat more about it if you'd like! Feel free to join our Discord: https://discord.gg/D78RsGfQjq

It just shows a black screen where the browser should be on my phone but looks great in the browser.

If I wanted to run code that would say scroll through a site for everyone to watch, what is the best way to do it? From your docs looks like I should make a chrome extension and then have it install that?

Which version of iOS are you on?
Latest. 15.6.1
Thanks, I'll go look at what's happening
FYI I’m experiencing the same identical issue with the latest version of iPadOS.
This is the most random funnest thing i've done in days. I tried to inception it by pasting the hyperbeam link into the VC, didn't work though heh.
Hi HN! I'm the CTO of Hyperbeam, happy to answer all the technical questions :)
Wow. That remote view runs surprisingly smooth on my cheap phone. Nice work.
What sorcery is this? Youtube videos are opening without any delay (within half a second) and there's no frame lag even with 1080 quality setting. How does this work?
I'm surprised Widevine DRM allows this but I guess you can't really detect "I'm in a VM and being streamed visually by the host".

You can't even take a screenshot of YouTube TV if you don't run it in a VM. Goes to the clipboard as all black.

How does HyperBeam not get abused (and consequentially shut down) for people wanting to share a stream of a pay-per-view / YouTube TV style subscription with their friends?

(comment deleted)
After you visit the link, copy-paste it into a new window. The content will be synchronized ;)
If I leave the video playing and close the tab, it keeps on playing the audio.
Yep. We're running Chromium in the cloud and streaming it back as a video. When you visit https://threejs-example.hyperbeam.com, it will create a "room" and append the room ID to the URL (e.g. https://threejs-example.hyperbeam.com/abc).

All viewers in the same room see and hear the same video stream, and can control the same browser instance.

Hey. I'm not the person you're responding to, but your response sparked my interest given the context.

It sounds like you're saying, "Yes. Our technology enables someone to listen to YouTube without forcing them to continually view the video."

If so, I would like to caution you to tread lightly in this area. I'd built a 300K MAU YouTube-streaming Chrome extension which was ultimately terminated due to advertisers complaining to YouTube that viewers might consume content without visually seeing an advertisement. I went through a year of attempting to mitigate their concerns, but, ultimately, their expectation was that all a/v content become paused the moment video is not visible.

The only exception to this rule, that I am aware of, is Twitch.TV streamers listening to YouTube while streaming and viewers of the stream consuming that YouTube content without seeing the visuals. This is a backroom agreement between Amazon and the RIAA and is not an agreement I would encourage others to hope to achieve.

Obviously, you're not bound by YouTube's TOS, but run afoul and you'll find hyperbeam added to the big 4's url blacklist. This will prevent all YouTube content from playing through your domain.

How would they block this exactly?
Technically? YouTube users are free to describe a deny list of domains. If the referer request header mentions the domain then content does not play.

If you employ technical mitigations, such as issuing requests from a server and misleading with the referer, YouTube will reach out with a C&D. If you don't honor it, then prepare to defend your usage in court similar to ytdl. They will make the case that 1984 Sony Corp. of America v. Universal City Studios, Inc. doesn't apply to here as there's clear commercial intent supporting the desire to re-stream media content

(comment deleted)
I was mostly curious about this statement:

> Obviously, you're not bound by YouTube's TOS, but run afoul and you'll find hyperbeam added to the big 4's url blacklist. This will prevent all YouTube content from playing through your domain.

This seems like a non-issue since by the very nature of the service no referer is sent. The browser is spun up in a VM and streamed to the client through WebRTC.

So in order to technically block this they would need to know all the possible IPs of the servers.

Yeah. Running as a Chrome extension I had the ability to rewrite my referer to any URL I chose and had the technically sound defense of "My referer shouldn't be <domain> because I am an extension not a website"

When I commented on the technical viability of enforcement, they simply had a lawyer tell me to stop instead. If I had had enough spare resources to challenge it, then maybe things would've ended differently.

Just wanting to make sure we don't get caught up on focusing on what is technically possible. That's not how the world works. Laws, and interpretations of those laws, define what is allowed to be done with code.

It does open without delay, but for me, the sound and video are quite laggy.

I shared my link with my wife but she saw something entirely different... wasn't she supposed to be the same thing as me with the same "room" link?

You just have a really good internet connection. Lags a lot on my mobile internet.
Might want to make your "Sign in with GitHub" not be "allow phillipscott" username/account or whatever.
Thank you so much for pointing that out, I'll fix that ASAP.

Also, this is a bit of a tangent but my first name has one "L". My mother named me after the Philippines and I'm of Scottish descent on my father's side.

https://docs.hyperbeam.com/start-chromium-session

I can't type/paste anything into the API key "Bearer" box above "Send Request" either.

The "Body" tab seems clickable but also doesn't work.

Thanks for pointing that out, we just shipped the docs "playground" system and it appears there's a few bugs — you'll need to use something like cURL in the meantime.

Here's a snippet you can start with:

curl -X POST -H 'Authorization: Bearer <your-api-key>' https://engine.hyperbeam.com/v0/vm

Looking over the API docs now

https://docs.hyperbeam.com/start-chromium-session

First thing that comes to my mind is... this is kind of like Puppeteer. Even if that is what they are using in the background... would they ever expose it so existing Puppeteer apps could plug and play (like https://www.browserless.io/)?

We're not using puppeteer in the background, but people have asked for puppeteer support. Do you use browserless.io? We think they do a great job and don't see a point competing with them.

Would appreciate your thoughts.

Selenium & Appium creator here. I'm kinda jumping up and down at how awesome this demo is. While browser automation with puppeteer would be cool... I see in your docs that you also support running a remote Android emulator. As someone who spends a lot of time in the test automation space, there is a ton of potential here for mobile test automation (spinning up all kinds of different configs). So here's a vote for using the W3C WebDriver spec [1] if you support an automation API -- then you'll get desktop browser /and/ mobile device automation in the same API.. and it's the W3C standard. :-)

1: https://www.w3.org/TR/webdriver2/

Hey hugs, just want to say Selenium is awesome. Super cool having the creator of the testing framework we used during university commenting on our post.

Would love to learn more about the mobile test automation space, I'll send off an email.

Please do! Also, fwiw... I'm also a huge fan of Three.js... On my todo list is to embed a live video feed of a mobile device's screen into the simulator [1] for my phone-testing robots. I imagine we'd have a ton to talk about!

[1]: https://construct.tapster.io/t3plus

Sent an email :) We can help with an MVP
Beginning of the HN Metaverse
If HN had a metaverse, what would people want it to be like?
I write a open source desktop environment, supported by spice-html5, and I'm impressed (its survived the NH "hug of death") - this is true sourcey.

Amazing job OP :)

Thanks! I'm intrigued by what you built (long-time Linux user here), can you share a link?
Whatever I've built is not ready for NH.

Bask in your glory, truly amazing job :)

Several people are curious about the magic behind Hyperbeam. If you ever want to chat here's all our emails + Discord tags:

founders@hyperbeam.com

philip@hyperbeam.com (CEO) - Philip#9001

amby@hyperbeam.com (CTO) - Ambyjkl#4365

declan@hyperbeam.com (CPO) - Dek#7777

This is remarkable stuff.

Suggestion: A hotkey (in or out of the virtual computer) that allows you to reset to the default orientation without having to reload the page. On a laptop with only a touchpad, I'm fighting with the controls a bit.

Do you have a specific hotkey in mind? Curious if there's a hotkey we could choose which is intuitive, so we don't need to add more text in the 3D space.
This is cool. Commenting to come back to
This is simply amazing. I wish it was open source, but totally understand why that is not realistic or possible.

It's crazy to think this is built off forked chromium yet there is no really good self-hosted cross-platform Remote Desktop app.

Keep up the good work!

does not work. firefox dev
Thanks for letting us know, what version of Firefox are you on? Here's the Github repo by the way: https://github.com/hyperbeam/threejs-example
It does not work in Firefox on Linux.

First of all some spyware stuff from cloudflare gets blocked by the ad-blocker.

But this is not the root of the problem as it doesn't work either without the ad-blocker active.

Minified JS Script dies with some cryptic backtrace.

I've tried on the hyperbeam.com website and it does not work either.

It lies straight in my face about a missing H.264 codec. (Which works fine according to https://test-videos.co.uk/bigbuckbunny/mp4-h264).

It seems you never tested your stuff. The console is full of errors:

  Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194. (Reason: CORS request did not succeed). Status code: (null).

  None of the “sha512” hashes in the integrity attribute match the content of the subresource. -oXZ36ekQX2btnYIZSdj2g
  WEBGL_debug_renderer_info is deprecated in Firefox and will be removed. Please use RENDERER. chunk-vendors.9d9d262d.js:6:31482
  Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194. (Reason: CORS request did not succeed). Status code: (null).

  None of the “sha512” hashes in the integrity attribute match the content of the subresource. -oXZ36ekQX2btnYIZSdj2g
  Some cookies are misusing the recommended “SameSite“ attribute 4
  Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://416c35e0.hyperbeam.com/ok?vm=0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.

  Object { type: "New", payload: {…} }
  app.fc7f578d.js:1:42733
  Object { type: "Create", payload: {…} }
  app.fc7f578d.js:1:42733
  WebRTC: Using more than two STUN/TURN servers slows down discovery 2 vendorlate.27cb1e73.js:14
  WebRTC: Using five or more STUN/TURN servers causes problems 2 vendorlate.27cb1e73.js:14
  Object { type: "Consume", payload: {…} }
  app.fc7f578d.js:1:42733
  Consume error:  cannot consume1
The "cannot consume1" is the error that shows also on the three.js demo.
You most likely need this plugin: https://support.mozilla.org/en-US/kb/open-h264-plugin-firefo...

Seems like in Firefox, H.264 in WebRTC is supported in an entirely different fashion than other kinds of H.264, like in an MP4 file.

Besides that WebRTC is a tire fire¹ on any browser, why don't you just use VP8?

Should be available everywhere.

Enabling anything with "Cisco" in its name is out of scope for many (and anyway not available on Google's mobile OS).

___

¹ All implementations have severe quirks and some (like Safari) outright showstopper bugs. BTDT

The problem with VP8 is it's almost never hardware accelerated, neither on the encoding nor on the decoding side, so it's undesirable. Also, the software encoder x264 is quite far ahead of libvpx vp8 in terms of the encoding cost vs bitrate vs quality tradeoffs in our testing. We really hope AV1 solves all these issues once and for all in the years to come.
I guess you will need to make some compromises to make this work reliably.

My personal experience with WebRTC was: "One can be glad if one gets anything working at all across different environments". 0 stars, would not touch again (or only with a very very long pole; everybody has his price… ;-)).

The other thing that came to my mind is: Why do all that on the server? Seems costly.

One could build a "browser in browser", and share that (partly) P2P through the WebRTC screen-sharing feature. The "browser in browser" would be needed to be able to make that thing interactive as the screen-sharing feature transmits only a video. You would need to capture mouse and keyboard on the webpage within the "virtual browser" (and transmit it though an additional WebRTC stream). Capturing the inputs outside of the browser is not possible afik with WebRTC.

(comment deleted)
Also which OS? I have a hunch your version of Firefox doesn't have the H.264 codec which we need
How do you handle user credentials or general inputs? If I type in my Netflix credentials, don't you and/or my watch party friends get access to them in some way?
Great question.

We’re building a “privacy mode” feature to address this exact problem that allows the host to black out the screen when entering sensitive information like credentials.

As for Hyperbeam getting access to credentials—we don’t store any input from users in the virtual computer. The only things we track are the time a particular IP is connected to the VM and the domains that are visited (this is anonymized).