62 comments

[ 4.1 ms ] story [ 97.7 ms ] thread
For prove, screenshot in release notes at the bottom.
Screenshots are always nice, but how would that prove anything? If they're going to lie about it, they could just as easily fabricate a screenshot. (And if you trust them not to do that then why not trust the claim outright)
The web is built upon trust.
It absolutely is not.
Thorium is a fork of Chromium, optimised for speed.
I thought Chrome team were the leading experts on web performance. How is Thorium able to outperform them?
Changes to the compatibility of the browser, like AVX requirements.
Aren’t both Safari and Firefox faster than chrome?
Wow. That's quite the agenda.
To voice against commercialisation of harmful for-profit medical procedures on children without any gain for most people? You're already sold on unnecessary vaccines, so might as well mutilate them and give them a bunch of prescription drugs to go with it.
This doesn't belong in a browser.
It was not in the browser, but on an orphaned page of the browser’s website.
The only true oof thing is him being in the hospital for a month, the rest sounds no worse than any other open source drama.
really? is it? this entire outrage felt petty, malicious and nitpicky to me from the get go. is it really that big of a deal? if minors are deep enough into tech to play around with an open source chromium fork, they have been exposed to far, far more and probably darker stuff than raunchy, anthropomorphized bunnies or whatever. this is someone’s pet project, probably someone rather young themselves. it entirely possible you even found use in this someone’s pet project. And now you’re coming after them because of a cringy Easter egg? That’s just f*ckin mean
Whatever age this individual is doesn't matter really. It seems that the situation has been handled, and I'm sure it was a massive lesson.

I didn't do anything but repost the bold link from the first paragraph of TFA...

I agree. It was hugely overblown. A big part of the LLM and Stable Diffusion software originates from 4chan's /g/ board. When a significant portion of cyber security specialists are furries who even post NSFW furry art on their social media profiles, is it really so surprising? It feels like another puritanical crusade and outrage culture at play.
Some people feel validated by causing or supporting moral outrage on behalf of others as it feels like they are safeguarding them.

I'm just happy some people are keeping the yiff community in mind :)

ain’t it crazy? I’ll be the first to admit i don’t get furry stuff, but i also don’t get just about a universe of other stuff people are seemingly very much into, and neither do i expect everyone to understand why i willingly risk my life skydiving just because it gives me joy. this is cyberspace for gods sake, have some self respect and stop being dicks to others to virtue signal, that’s just downright mean man
I pretty much tune out of any argument as soon as it devolves into "think of the children".

Maybe parent your children so when they go digging around in open source code and find some furry art it doesn't somehow destroy them.

That would certainly cause issues if you ever let them loose on the internet unsupervised. Much easier to teach them that there’s nothing inherently wrong with images like that.
That is pretty much my point. People freak out like this will somehow irreparably damage their children, which is complete nonsense. The reality is these people just don't want to have an uncomfortable conversation with their child, so they choose to make it everyone else's problem.
Becoming a furry does constitute irreparable damage.
Not being happy with your kid's sexual preferences when they grow up sounds more like a you problem
There’s much, much worse things to get excited over. Anthropomorphic cats seem kind of benign.
On April 2, 1995, Mosaic for Windows users awoke to discover their browsers were behaving oddly.

About three weeks earlier, the team was celebrating wrapping up a release at a reasonable hour (for once) when I uttered the words, “You know, this is the last release we are putting out before April Fools’ day.”

Everyone in earshot somehow thought this was a tremendously valid point. By 1:00 am there was not one but around five separate Easter eggs set to go off on April 1.

You will note I said April 2 above. I sat with the lead dev as we verified how date and time offsets worked so we didn’t have any off by one errors. Seems that some fields were zero indexed while others were one indexed. Terrible MS API. We came to consensus on what was right, we may have even tested it, and I left.

But unfortunately he had a crisis of faith an hour later and created the off by one error. Luckily for us April 1 that year was a Saturday. A lot of our users, who had internet at work, never saw the prank at all, even with the off by one error.

On Sunday the tech support emails started rolling in, and our clever little joke started to reveal itself as poor judgement. Some people got the joke, but many thought we had been hacked. By Monday we had a canned response, apologizing for our bad judgement and anyone who got freaked out thinking they got a virus, or that we did.

Three proper adults and three college seniors and nobody said stop.

Would you be open to explaining the joke and the error?

I'm not able to decipher what went wrong from your comment right now (though it might just be me!).

Is April first the zeroth day of April or the 1st? Turns out it was the 0th.

The jokes were some ui changes. The icon spinning backward and the progress bar saying April Fool’s in rainbow text every nth page load. A bouncing logo screen saver like behavior that would wipe a window that had been idle for X minutes (restored on mouse over).

I think there was one more, but the last I remember was the lead’s idea. After four (1?) hours idle, if you had audio enabled, you would hear the lead rapping his knuckles on his monitor and saying, “Hello? Is anybody there?” That could be funny or it could be terrifying.

> That could be funny

That would definitely be funny. But people are more uptight these days (or maybe they always were).

"or maybe they always were"

Well, since this story is from 1995, so allmost 30 years ago, I think people are still as uptight today, when you compare it to this easter egg.

Some of the people who would be upset now would have been then, but I think there are more of them, and more flavors today.
This browser looks ok, but stuff like this turns me off from using it.

Single-developer projects are always risky. What if the dev just decides to stop developing it? Or there's a massive vulnerability, and they're on vacation with no internet?

If that solo dev is an American, based on the use of the word vacation, it won't be that long. If they are non-American out on holiday, you could be screwed.
yeah nobody's suggesting you to switch all your company's computers to a small browser project nobody's ever heard of.

maybe the point of publishing the work on a new browser like this is to get the word out, get folks to fool around with it and explore the changes, and hopefully perhaps assemble a small community capable of seeing through a vision of making a faster chromium, rather than getting folks blindly using it as their daily browser straight away?

if the project does take off, by the time it is actually good to be used as a daily driver it will be void of any furry art, trust me.

the beauty of open source is that if the original developer stops developing or goes on holiday for a year you can pick up the torch. mature projects are eventually smooth-sailing and can be used out of the box, but any project goes through many years of not being so pleasant to use (most of the time, the reason's very simple: nobody's getting paid to work on it, so be grateful you have the software in the first place!)

This is such a huge yikes but points to the dev for apologizing I guess. It's good technical work no matter how you cut it.
(comment deleted)
Was not aware of Thorium, looks interesting. Now I'm wondering if node.js could benefit from some of these optimizations?
Same. I would also love to see these optimizations on a Firefox build
[flagged]
Thanks for the downvotes - have we forgotten this while furry in the code crap, so fast?
Careful if you care about downvotes: complaints about downvotes often attract more downvotes, both on the complain and the original post.

As for why the downvotes: I assume because, as per the discussions in the thread you linked to, the consensus was that those claims, particularly the CP accusations, were rather overblown, so repeating them may be being seen as pointless, adding nothing useful to the current discussion. I've not seen the images in question, links in the thread require a GitHub account to view, but they are not said to be titillating unless you are _really_ trying to be titillated.

Genuinely couldn’t give less of a fuck about this storm in a teacup and it’s just as annoying as the repetitive “Oh it’s Google gonna cancel” etc etc LLM level comments. At this point, humans on this site are failing the Turing test.
What's your point, though?

The author has apologized for this rather tasteless joke which he didn't expect to blow up as much as it did and has moved on.

Doesn't change anything about the projects tech and this recent achievement (of a one-man pet-project mind you)

> doesn’t change anything

Does it though? I remember once opening Notepad++ after an update, where the changelog itself never mentioned that its first start will behave like a virus, open a new tab, and start typing messages in solidarity with the victims of a french mass shooting.

That crap ain’t cool

Yeah, "that crap ain't cool".

But again, he has been rightfully scolded for that, has apologized and pledged to do better. If he doesn't, well that's bad but then even more people will stop using the project.

I just don't see any real value in bringing missteps of a project up in every subsequent discussion, especially if it's a storm in a teacup like this one (it was a hidden easteregg, not some auto-poster).

No adult should consider that porn. It might be exciting to a 15 year old?
Oh, it's just chromium with I'm guessing some questionable PGO choices and similar.

I can't speak for blink/chromium, but as I spent most of a decade working on webkit and JSC, there are lots of trade offs for performance that can heavily benefit benchmarks without benefitting real web content.

  * First off PGO. You have to be very careful when you do profile guided optimization as you _could_ simply do nothing but do the profiling passes on benchmarks, but if you aren't testing actual web content you can pessimize actual page load performance (speedometer tries to be better at general browser perf than older benchmarks but you easily fall into a trap equivalent to making your browser the fastest at loading gmail but slower at yahoo mail :D)

  * A lot of modern browser performance comes as a result of caching policy, not in the download sense, but internal data structures. For example many years ago when I implemented bytecode caching in JSC (literally JS string source->bytecode) which saves you parsing and codegen time, but uses a lot of memory. A lot of the qualification for enabling that was "how much memory should be willing to burn in exchange for this performance", how time sensitive should the cache be, etc. Similarly you can get significant performance wins by making the GC heap large enough that you avoid sweeping during a benchmark.

  * Browsers also do a lot of event coalescing to try and minimize unnecessary dispatch costs, relayout, and repainting. You can generally adjust the coalescing policies and you can get good "performance" wins by increasing the coalescing windows, but the result can be perceivable lagginess and similar, but again it will help "performance" as measure by wall clock.
There are many many trade offs beyond just these that impact performance, and those impact perceptual performance, wall time performance, memory usage (people complain about memory usage in modern browsers but you can improve wall time "performance" by increasing that even more), and power (which matters for any mobile device).

It should not be a surprise that you can configure a chromium build (or gecko, or webkit) that can "out perform" the default configuration at some [set of] benchmark[s], but you should ask yourself why in a field as performance sensitive as browser and js engines the developers aren't already doing what you've done, and maybe the result of your changes is actually lower overall performance or otherwise worse user experience.

> you should ask yourself why in a field as performance sensitive as browser and js engines the developers aren't already doing what you've done, and maybe the result of your changes is actually lower overall performance or otherwise worse user experience.

Of course you should, but you should also play around with the settings and publish your findings. If we didn't explore we wouldn't learn anything. It's possible that those other developers simply didn't consider a setting important, or that what they consider normal browser usage isn't the actually common case.

We should encourage experimentation of all kinds.

Chromium is optimized to perform as well as it can across every computer that's supported, I think. That includes real cheap netbooks as long as they can run a new enough operating system (currently, I think, Windows 10). Thorium is optimized to perform as well as it can on more modern CPUs with more supported instruction-set extensions, IIRC.
If Google could generate optimized versions of Chrome that it would automatically choose from that would be nice
I believe this might already happen on the function level (for some functions), but in terms of the entire browser, not right now. Could be a fun idea.
There are lots of reasons a developer does something other than what a user would want most.

Even if the user were aware of all the same facts and had all the same understanding as the developer. Even while working on open source code.

(comment deleted)
(comment deleted)
What are the security trade offs of Thorium?
Notably they also have windows and linux builds. And linux build includes VAAPI Patch, Intel HD support patch, and VDPAU Patch. I am yet to test it but it might be a better linux chromium option than chromium or brave for GPU acceleration.