This is a healthy thing to happen to the Linux browser ecosystem imho.
We talk a lot about browser diversity, but on Linux and Windows, it is a lie. You have firefox (gecko) and fifty flavors of chromium. Webkit on Linux has essentially been relegated to embedded devices or the GNOME epiphany browser, which I'll admit while is a noble effort, lags a bit in the stability and power-user features department. Big reason for that is that it lacks the commercial backing to keep up with the modern web standards rat race.
Kagi bringing orion to Linux changes the calculus. It introduces a third commercially incentivized, consumer-grade engine to the platform. Even if you never use orion, you want this to succeed because it forces WebKitGTK upstream to get better, which benefits the entire open source ecosystem.
The sticking point like always will be media playback (read: DRM/widevine). That is the graveyard where Linux browsers go to die. If Kagi can legally and technically solve the widevine integration on a non-standard Linux webkit build, they win. If not, it will be a secondary browser.
> Webkit on Linux has essentially been relegated to embedded devices or the GNOME epiphany browser
Don't forget about https://falkon.org. It's a browser I enjoy using. WebExtension support will be big if it lands in Orion though.
EDIT: apparently Orion is not open source. Not particularly interested in a closed source browser, TBH. In 2022 they said they plan to open source "when there is merit"[1], whatever that means. No merit yet, it seems.
Falkon uses QtWebEngine, essentially a Chromium (Blink&V8) wrapper. QupZilla, its predecessor, was using QtWebKit. Otter & kbd-driven qutebrowser (two other Qt browsers) for time, and maybe still do, simultaneously supported both.
Same for me. Using a proprietary browser is not quite as bad as using a proprietary OS, but it is a distant second. Hopefully they figure out whatever merit they are waiting for...
I find it strange because it seems to me that outside of their bread and butter products (Kagi Search, Assistant), there really isn't a business secret or proprietary technology to keep secret no? Perhaps integrated browser LLM tooling they don't want to give out for free.
Not too much speculation needed as to why: data collection which is then used to enhance both their Search and Assistant products + they can easily start pushing their search and assistant through the platform once adoption is high enough and people who are used to Orion will more easily be convinced to just fork up a little money for continued or slightly improved features/access
It's more likely it has to do with all the work they're doing to getting the WebExtension API to work with WebKit which is a main selling feature for the MacOS version - using firefox and chrome extensions in a webkit-powered browser.
And esp for the iOS version, where there are not many options for using extensions in other browsers. The only browser there that can use UBO, afaik. In MacOS it is a bit too buggy for me for daily use, ymmv.
People usually don't compile their browsers from source anyway. And of course, technically, a program can check whether monitoring tools are running and adapt its behaviour accordingly, but this is malware territory and it makes no sense for any reputable browser. Also, technically, one can do that on router level anyway and not have this issue. So yes, I would say that analyzing the network is enough.
"People usually don't compile their browsers from source anyway."
But this is a forum that includes people who do compile their browser from source
As such, if promoting a new browser here, it should be expected people may ask about the availability of source code
I use an HTML browser that is a 2M static binary
It compiles quickly and easily on all the computers I own, and these computers are underpowered
This allows me to customise the software
For example, any "features" I do not wish to have, such as telemetry or other "automatic" remote connections, can be removed
NB. I am not expressing an opinion on the "Orion" software, I am commenting exclusively on the statement, "People usually don't compile their browsers from source anyway" appearing in a forum read by people who _do_ compile their browsers from source
The easiest way to verify "whether there is telemetry" is to look at the source code
To avoid telemetry, interested users can remove it from the source code
Whereas, if telemetry must be found by inspecting network traffic,^1 then users' only choice to avoid telemetry is not to use the software. There is no self-help. Users can plead with the author to remove telemetry to no effect
1. This may be complicated by encryption
Moreover, if the software is subject to change, e.g., "automatic software updates", then telemetry could be added at a later time, e.g., as part of an opaque "update". This requires the user to continually monitor network traffic in order to try to discover "whether there is telemetry"
If users have a copy of the source code, and use a binary compiled from that source code, then this burden does not exist
I was answering to a specific comment asking about whether one absolutely needs the source code to know that there is no telemetry. Not about whether it is reasonable or useful to want to have the source code in general.
I usually like to accuse people of the wildest privacy conspiracies, but here in the case of Orion, one day the founder approached me together to work with him, and I tried to see how far is he willing to do in practice (“ok maybe we could do X and Y or Z”).
He stopped me and explained to me that is his business model, and… it was to sell apps / subscriptions. He has no interest into anything else and strongly explained that the user pays and that’s it.
Eventually I didn’t work with him but I have a very positive opinion of him, so at least, based on my experience as a potential employee strongly trusts
The last Falkon update was 8 months ago (falkon.org/posts), seems like a very long time for a browser without any updates. Is it not a security problem to run a browser like this?
> The sticking point like always will be media playback (read: DRM/widevine). That is the graveyard where Linux browsers go to die. If Kagi can legally and technically solve the widevine integration on a non-standard Linux webkit build, they win. If not, it will be a secondary browser for documentation reading only.
I'm hopeful that some day Linux will have enough users where the media companies can't ignore them. Hopefully, that day is sooner than later.
It's pretty frustrating that peacock (and all xfinity streaming) doesn't work and you can't get 1080p or 4k on most other streaming platforms.
Hmm good point. The issue is also the distinction between widevine L1, i.e hardware-backed DRM and L3 (the software backed one).
Correct me if I'm wrong but to stream 4K, studios require a hardware root of trust and a verified media path. They need a guarantee that the video frames are decrypted inside a trusted execution environment and sent directly to the display without the OS kernel or user space being able to read the raw buffer.
AFAIK Windows and macOS provide this pipeline at the OS level. OTOH, ChromeOS gets 1080p/4K not because it has massive market share but cause the hardware and boot chain are locked down by the almighty Google.
On desktop Linux, where you have root access and can modify the kernel or compositor to inspect memory, there is technically no way to guarantee that secure path to the studios' satisfaction. Am I right in this assumption?
Unless the DRM providers change their threat model, which sounds unlikely to me. Or distros start shipping signed and locked-down kernel modules that prevent the user from being root, which is again unacceptable to most (me included), we will likely be capped at 720p for some time now.
Yes. I tried using Chrome on Linux just to watch movies that I purchased on Youtube at HD/4K and watched as the stream was limited to 240P. IMHO regardless of what Google says in their ToS they have already broken the trust agreement by not providing what I paid for. Regardless of what the studios want, all this does is push me back towards piracy because once again the industry fails to understand that piracy is a accessibility problem, not a financial problem. If I pay for 4K then regardless of where I want to watch that movie it better be in 4K, that's what I paid for. Google hides behind their ToS to get around the fact that they sold me a product then failed to deliver.
> ChromeOS gets 1080p/4K not because it has massive market share but cause the hardware and boot chain are locked down by the almighty Google.
ChromeOS is based on Gentoo Linux underneath just very stripped down and Googlefied. It's the same BS that Bungee pulled with Destiny 2 and Linux. If you so much as dared to run Destiny 2 on Linux you would be banned. Stadia used Linux but because Google controlled the platform they allowed it to be played there.
These are the games they play to make other platforms that aren't MacOS/Windows appear like they are incapable but in reality it's just corporate greed and grift.
I don't think there is a difference. They can need or want or demand and it doesn't matter. They don't have the right to weaponize my computer against me to fulfill their goals.
As far as I understand, on the mobile implementation not even the OS can access the buffers. So even with root you can stream L1 content but not screen record it
As do HDCP strippers. Judging by the availability of 4K Netflix content on torrent sites, I do believe the only people being prevented from watching their content are paying customers acting in good faith.
This is the way. Widevine is a cancer that only serves to lock down the browser market to a small handful of web engines that have been approved by Google. If your browser isn't based on Chrome, Firefox, or Safari you're out of luck.
Most people will not use a browser that can't open youtube videos and they know and exploit this with extreme precision.
If you are already paying for the streaming service that offers the content and they restrict you from watching because of your OS are you harming the industry by downloading it? Nothing is stopping you from buying a 4k webcam and recording your computer monitor.
You're already paying the monthly fee to stream it, you're just streaming it in a more friendly way. Granted if you cancel the service, you should delete the content.
Many won't though and that's the problem but that problem is caused by the fact that you're being restricted in the first place.
There are still other, non-trashy ways to record your screen. Motivated actors have no problem with such restrictions, as happens with everything. It is for exerting control over the normal users' behaviours and habits.
This isn't even a strictly Linux problem. On Windows, Edge has by far the best encrypted streaming playback using their PlayReady DRM. Many services like Netflix will only do 4K for Edge. Chrome is often 1080p, and Firefox was 720p last time I tried it.
Same situation on Mac where Apple's Fairplay DRM enables 4K playback in Safari, but Chrome and Firefox have the same limitations as on Windows.
Last time I tried to use Firefox on Windows as my daily driver, video playback was one of the biggest gaps that made me go back to Edge.
> I'm hopeful that some day Linux will have enough users where the media companies can't ignore them.
The entirety of personal computer viewing doesn't have enough users where the media companies can't ignore them.
Fundamentally higher resolution playback happens on platforms like Windows and MacOS because they have closed, signed driver stacks, same as anti-cheat in games. Not because of the browser. So it will only ever happen if someone forks Linux to a more restricted, closed browser stack and offers that as a product (which is basically how a cable set-top box works in practice).
> I'm hopeful that some day Linux will have enough users where the media companies can't ignore them. Hopefully, that day is sooner than later.
Does YouTube and Netflix work? That's the lion's share right there. A lot of users probably don't even care about the other streaming platforms. I'm probably being too optimistic, but I think the upcoming Steam machines will have a significant adoption of the linux desktop. Microsoft is certainly working 'round the clock to alienate their users.
If you're using a "common browser" on Linux (Firefox/Chrome) Netflix should work, just at 720p for most of the content. If you're using a minor Chromium based fork the customized Chromium package provided by your distro it probably doesn't have Widevine by default.
The same is true for running a vanilla Chromium build on Windows, the big difference is the quality of content you can get on Windows can be higher than 720p in the mainstream browsers (as long as the rest of the system is compliant as well).
One correction to my message above: apparently Chrome on Windows is still 720p for Netflix, it was Edge that had 4k support. Or you can install the Netflix App on Windows too.
I agree it's a bit silly, but I think a lot of people don't really care about quality so long as they can watch it. I guess that'd also explain how Netflix gets away with such low bitrates for even the "high quality" versions of content.
I don't think I've seen Netflix comment on this since a long time ago, but back in 2018 it was:
- 15% PC
- 10% Smartphone
- 5% Tablets
- 70% TVs
In terms of viewing hours https://www.statista.com/chart/13191/netflix-usage-by-device.... So definitely most viewing on TV, but still something like 1/3 of households with TVs don't have a 4k TV at all (as of 2025) in the first place. Hard to definitively say more since Netflix & others don't seem to publish the numbers often.
I'd love to find out I'm wildly wrong though and have a bunch of people willing to push Netflix to have higher quality content... but so many people don't even seem to pay for the premium plan with 4k (anecdotally, Netflix doesn't seem to publish numbers on that) that I'm not holding my breath as I sit here with UHD Blu-Ray quality instead :D. It seems like most people just want something quick to turn on in the background than something to really sit down and bask in every detail of.
Yeah, and that leads to the DRM'd content in YouTube (like Movies & TV) not working for me in Kagi on Linux. Unless you're saying I've done something wrong and it really is working for you... in which case I may have some tinkering to do to find out what I did to break it :D.
One correction to my message above: apparently Chrome on Windows is still 720p for Netflix, it was Edge that had 4k support. Or you can install the Netflix App on Windows too.
I don't disagree with you about a new browser being a good thing but ...
> If not, it will be a secondary browser for documentation reading only.
I don't even have sound on my main desktop PC: the one I use the most. The one I do all my "life admin" stuff from (banking, real estate, etc.), all my work emails, all my coding. I think sound works but I haven't bothered to plug in speakers to check (since three years, when I assembled the PC).
That's a bit more than documentation reading.
There are work environments where even just a sound emitted by a PC is frowned upon.
People who aren't into media consumption are not just "reading documentation".
> The sticking point like always will be media playback (read: DRM/widevine).
Probably true in general. But for me, that's not a sticking point at all. I don't care if a browser supports media playback or not.
What I do care about is the ability to enable/disable embedded code execution (JS, at the very least) at a fairly granular level. Does Orion allow for that?
DRM sucks, but the time to thrash against it is has passed. It's here, it's not going away, and users expect to be able to use their browsers to watch protected content.
Aren't we talking about the fact that it's not here (on Linux), and some people would like it to be?
The time to thrash against DRM will be when you can't get hardware that boots kernels which were not approved by your government. What we're doing now is trying to prevent that time from coming at all.
Having to watch protected media on a different device is a small price to pay.
I like what Firefox does: it allows me to just disallow Widevine entirely, which is what I do. That still allows others who want to use those things to do so. It's the best of both worlds.
If anything I see mainstream complaints about DRM in games, media, and lesser extent anti-cheat now more than ever, along with all the thrashing of Windows anti-user behavior. It is only natural that they go together. If there is a time to get rid of these, it's the near future.
My take is: you're welcome to the party, but don't be surprised if someone shows you the door when you pull out the drugs. It ain't our type of fun.
I understand various reasons why people are pushing for the adoption of open source software, but it will be counterproductive if it brings the problems of the commercial software world with them.
The actual important part is consumer-grade. Because WebKitGTK itself is already commercially incentivized, developed primarily by Igalia (a quite underrated firm regarding their contributions in open source) who are offering consulting services mainly in embedded-related industries.
> "DRM/widevine [...] is the graveyard where Linux browsers go to die"
Maybe it's not widevine L1 but Firefox has the widevine plugin enabled on my Debian 13. I don't remember I had to do anything except downloading Firefox from Mozilla and installing it.
> Even if you never use orion, you want this to succeed because it forces WebKitGTK upstream to get better, which benefits the entire open source ecosystem.
I don’t understand this logic. AFAIK Orion is doing downstream work and has not contributed to WebKitGTK. Hopefully that changes but we’ll see.
Browser engine diversity doesn't matter. The only important browser diversity is in the browser itself. Multiple browser engines makes it harder for developers of websites due to divergence of the engines and it makes it harder on engine developers since there are less resources going to the same engine.
On the other hand, that one same engine would then be under near-full control of a single company (Google), with all the disadvantages a monopoly usually brings.
I have to disagree with some of your points. No shade at Orin but WebKitGTK is a volunteer project. Having competition won't push WebKitGTK any faster because I am sure they are going as fast as they can. WebKitGTK already have a good list of features to add because they have other commercial browsers to compare themselves to, it's the speed that they can add them due to resource limitations. BTW, Firefox also runs on Linux. Also, nobody is installing a secondary browser for documentation reading only - what's the point of doing this?
We talk a lot about browser diversity, but on Linux and Windows, it is a lie. You have firefox (gecko) and fifty flavors of chromium. Webkit on Linux has essentially been relegated to embedded devices or the GNOME epiphany browser, which I'll admit while is a noble effort, lags a bit in the stability and power-user features department. Big reason for that is that it lacks the commercial backing to keep up with the modern web standards rat race.
Kagi bringing orion to Linux changes the calculus. It introduces a third commercially incentivized, consumer-grade engine to the platform. Even if you never use orion, you want this to succeed because it forces WebKitGTK upstream to get better, which benefits the entire open source ecosystem.
The sticking point like always will be media playback (read: DRM/widevine). That is the graveyard where Linux browsers go to die. If Kagi can legally and technically solve the widevine integration on a non-standard Linux webkit build, they win. If not, it will be a secondary browser.