61

I wonder why this browser is not open source. If it has no trackers to hide there should be no reason to hide its source code. I will not enter my personal data into such a browser.

  • Vlad replied to this.

    Lenni-builder Orion is not open source yet (we plan to do so when there is merit) because:

    • Maintaining an open source project is an order of magnitude harder than closed source project and our team is super small
    • There is currently no benefit for us in doing so.
    • Any trust issues can be easily resolved by verifying our zero telemetry claim (because Orion is verifiably zero telemetry).

    It is browser telemetry and not access to source that is cause for privacy issues as proven by every other browser that is open source and despite that, a privacy nightmare.

      2 months later

      Vlad

      maintaining an open source project is an order of magnitude harder than closed source project and our team is super small

      That's not true. Most of the work would be from volunteers. It's a metric butt load of work-hours poured into your project at no extra cost.

      there is no benefit for us in doing so

      Mozilla proved that wrong in 1998. Google did the same with Chromium in 2008.
      Desktop Browser Market Shares Feb 2009 -> Feb 2023

      Keep in mind "Chrome" is a proprietary product. "Chromium" is 99% of it, and that's the part that is open-source.

      any trust issues can be easilly resolved by verifying our zero telemetry claim (because Orion is verifiably zero telemetry)

      The community asking already trusts you. What you're saying by not releasing the code is that you don't trust the community.

      Software can be proprietary and open-source. What matter is the license.

        Vlad

        I recently discovered your browser and I’m amazed about how much you have achieved so far with such a small team. However this is the only policy I do not agree on and the policy that is preventing me from becoming a supporter.

        Making it open source would greatly increase the number of contributions you would receive and speed up the development process.

        I’m sure a good amount of people like myself work in software development and would happily contribute with money and code.

        But for me the most concerning issue with this not being open source is not that I don’t trust your privacy claims. But the software could have security issues, being closed source means this issues will be harder to detect as they cannot be found by source reviewing and thus to fix it, and instead can pose a risk as an exploit could be created and exploited even if it is closed source if the popularity increases and there is enough value for someone to exploit it.

        Hope you instead reconsider this and make it open source as soon as possible. I will be happy to contribute monterarily as soon as you provide a deadline for this.

        • Vlad replied to this.
        • DR likes this.

          w0lf Few points I woudl like to highlight

          • I agree with the idea of open sourcing. There are certain challanges that may not be visible from outside perspective.
          • Number of people that can work on a WebKit browser is very small. We have trouble finding them even when we offer to pay for their work. Most already work for Apple.
          • Even if such volunteers existed, who will manage the open-source repo of the size of a web browser? Our team is only 2 developers, both already overwhlmed by 1,700+ opem issues on this site. And besides running a company, I am managing two very active discord communities and two feedback forums. It is not feasable to think we'd have time manage pull requests, open issues, code reviews in any sensible way that would make it beneficial to us. And if there are no pull-requests to manage, then why open-source in the first place?
          • Vast majorty of the browser code is already open source through WebKit. Anyone wanting to contribute code to Orion can start by contributing to WebKit.
          • We plan to do an independent securty audit before leaving beta
          • Kagi has a many open source projects already that I invite you to contribute in the meantime.

          In a nutshell we feel we are not ready to reap any benefits from open sourcing the project at this moment. That time shall come, but our team needs to grow first.

          8 months later

          Suggestion: provide a ballpark decision criteria like "once we reach a team of 10, and pass security audits", then open source Orion.
          Personally, I believe there are a lot of benefits to open sourcing: allowing contributions from community, onramping developers naturally, increased trust, enabling independent audits (e.g privacy verification), project longevity, etc.

          • Vlad replied to this.

            Orpheus

            Yep those all great reasons. Just want to note that 'privacy verification' is rendered obsolete by the fact that Orion is zero telemetry. No telemetry = 100% privacy respecting and Orion is almost unique in that respect on the market.

            What we would generally be looking for before we would consider open sourcing is that Orion is sustainabile and it can support the extra team members needed to manage ian open source project of this magnitude. To sustain a team of 10 we would need about 20,000 subscribers and we are currently at about 400 subscribers .

            a month later

            Hey, first of all, let me say thank you for an amazing product! I'm a new Orion user, I switched a week ago from Chrome, and so far I'm super happy with the experience, though I stumbled upon some usability issues.

            I understand both points of view in this thread, and it makes sense that managing an open source project can be a full time job (or a multiple of those). At the same time, I thought I would share my experience. I'm a software engineer, not afraid to dig into the source code of an OSS project, to fix an issue that would improve my experience with a product. I wanted to do the same with Orion, where I was hoping to at least try to debug an issue I'm seeing with one of the extensions not working properly in Orion. The details of the issue are available here. Since the browser developer tools weren't very helpful in debugging this issue (devtools were crashing unexpectedly), I thought I would look at the source, to try to figure out what this issue might be related to, for example by checking what does the error message I saw in the devtools console mean in the context of the source code. So I Kagi'd for the "Orion source code", and that's how I found this thread.

            Given all that, although I understand that maintaining OSS project could mean more work, in my case it would allow checking if the issue I'm experiencing is related to the Orion browser or the extension itself.

            I really understand the anxiety that your development team might become overwhelmed with external requests if you release your source code. But maybe it would be worth considering prioritizing hiring someone who could be an open source community manager? A person that could be a link between the external community and the internal development team. One that could be the first pass filter on issues raised and PRs proposed. Someone who could present a distilled update on the OS chatter once a week to your development team. Preferably someone with a software development experience as well, so that they could answer technical questions that would no doubt arise from releasing your source code.

            Anyway, thanks once more for a great product 🙂

              3 months later

              I also agree in open sourcing the browser, at least eventually. While it may seem hard managing an open source project, many software projects eventually make it possible to work. We can look to other software projects (especially those with small teams) who have done it before for inspiration. I echo domderen's idea that perhaps an open source community manager could alleviate some burdens of management. The benefits of open sourcing can outweigh the drawbacks of not.

              Open sourcing the browser can be a controlled roll-out, using an interative approach (open sourcing each component by importance/priority over time).

              Some other ideas for a good open source project:

              • Modular codebase
              • Suitable license (perhaps even fair code not fl/oss)
              • sufficient code documentation
              • project overview documents (architecture, components, design philosophy)
              • development guide documents (setup, coding style, contribution guidelines)
              • clear roadmap
              • rigorous code review process

              All of this can also help the team currently (minus the license part)

              In the future, one thing could help (with either Orion being closed or open source) would be delegating certain parts of the code base to a certain person (perhaps like Linux does).

              Why don't you upload the source code for every release as a tarball (it would not require you to have any jind of public repository) or just disable contributions in case you want to use a git repository.

                5 days later

                Lenni-builder yup there is a difference between publishing the source + build steps (so anyone can reproduce the build check & source code) and making it a community project (which may indeed involve some contributor management skills and effort). Please just publish the code. The community side can come later.

                  4 months later

                  It would be quite useful for you to at least open-source the WebExtension support, and possibly collaborate with Epiphany's WebExtension project (also WebKit-based). I also would like to reiterate that even publishing sources without taking contributions would be useful for other WebKit developers.

                  20 days later

                  Come on, Man! My main man! Why not tho? Ok an actual point. The Brave Browser already has the advantage of being open-source as well as its ability to offline download. Due to these things people may be more interested in using the Brave Browser over Orion. As well as for Safari, there already are Ad-Blockers that work for Safari as well as that SponsorBlock works much better on Safari, there may be people that think, if I am going to use a Browser that is proprietary and I don’t know what is being done with the code and Safari already has Ad-Blocker extensions and a more seamlessly working SponsorBlock extension, why would I download another app to do that and not use the one already provided to me on my phone that has it’s extensions work better than the way it is on Orion. I hope the people upstairs with Orion will take this into consideration.

                  If this app became open-source, Firefox Focus would automatically no longer be competition to Orion and its only competition would be the Brave Browser. Which is open-source and has the ability to do offline video downloads. I really hope this is taken into consideration.

                    Merged 2 posts from Open-Source.
                      7 days later

                      mightysashiman Why do you want them to publish the code?

                      I can understand wanting to make it a community project, but just the source code published..?

                      The browser is verifiably zero-telemetry which means it is impossible to not be 100% privacy focused.

                        8 days later

                        SerViette Because we can’t verify it is zero telemetry without source code.

                        • Vlad replied to this.