This is a healthy thing to happen to the Linux browser ecosystem imho.
We talk a lot about browser diversity, but on Linux and Windows, it is a lie. You have firefox (gecko) and fifty flavors of chromium. Webkit on Linux has essentially been relegated to embedded devices or the GNOME epiphany browser, which I'll admit while is a noble effort, lags a bit in the stability and power-user features department. Big reason for that is that it lacks the commercial backing to keep up with the modern web standards rat race.
Kagi bringing orion to Linux changes the calculus. It introduces a third commercially incentivized, consumer-grade engine to the platform. Even if you never use orion, you want this to succeed because it forces WebKitGTK upstream to get better, which benefits the entire open source ecosystem.
The sticking point like always will be media playback (read: DRM/widevine). That is the graveyard where Linux browsers go to die. If Kagi can legally and technically solve the widevine integration on a non-standard Linux webkit build, they win. If not, it will be a secondary browser.
> Webkit on Linux has essentially been relegated to embedded devices or the GNOME epiphany browser
Don't forget about https://falkon.org. It's a browser I enjoy using. WebExtension support will be big if it lands in Orion though.
EDIT: apparently Orion is not open source. Not particularly interested in a closed source browser, TBH. In 2022 they said they plan to open source "when there is merit"[1], whatever that means. No merit yet, it seems.
Falkon uses QtWebEngine, essentially a Chromium (Blink&V8) wrapper. QupZilla, its predecessor, was using QtWebKit. Otter & kbd-driven qutebrowser (two other Qt browsers) for time, and maybe still do, simultaneously supported both.
Same for me. Using a proprietary browser is not quite as bad as using a proprietary OS, but it is a distant second. Hopefully they figure out whatever merit they are waiting for...
I find it strange because it seems to me that outside of their bread and butter products (Kagi Search, Assistant), there really isn't a business secret or proprietary technology to keep secret no? Perhaps integrated browser LLM tooling they don't want to give out for free.
Not too much speculation needed as to why: data collection which is then used to enhance both their Search and Assistant products + they can easily start pushing their search and assistant through the platform once adoption is high enough and people who are used to Orion will more easily be convinced to just fork up a little money for continued or slightly improved features/access
It's more likely it has to do with all the work they're doing to getting the WebExtension API to work with WebKit which is a main selling feature for the MacOS version - using firefox and chrome extensions in a webkit-powered browser.
And esp for the iOS version, where there are not many options for using extensions in other browsers. The only browser there that can use UBO, afaik. In MacOS it is a bit too buggy for me for daily use, ymmv.
People usually don't compile their browsers from source anyway. And of course, technically, a program can check whether monitoring tools are running and adapt its behaviour accordingly, but this is malware territory and it makes no sense for any reputable browser. Also, technically, one can do that on router level anyway and not have this issue. So yes, I would say that analyzing the network is enough.
> The sticking point like always will be media playback (read: DRM/widevine). That is the graveyard where Linux browsers go to die. If Kagi can legally and technically solve the widevine integration on a non-standard Linux webkit build, they win. If not, it will be a secondary browser for documentation reading only.
I'm hopeful that some day Linux will have enough users where the media companies can't ignore them. Hopefully, that day is sooner than later.
It's pretty frustrating that peacock (and all xfinity streaming) doesn't work and you can't get 1080p or 4k on most other streaming platforms.
Hmm good point. The issue is also the distinction between widevine L1, i.e hardware-backed DRM and L3 (the software backed one).
Correct me if I'm wrong but to stream 4K, studios require a hardware root of trust and a verified media path. They need a guarantee that the video frames are decrypted inside a trusted execution environment and sent directly to the display without the OS kernel or user space being able to read the raw buffer.
AFAIK Windows and macOS provide this pipeline at the OS level. OTOH, ChromeOS gets 1080p/4K not because it has massive market share but cause the hardware and boot chain are locked down by the almighty Google.
On desktop Linux, where you have root access and can modify the kernel or compositor to inspect memory, there is technically no way to guarantee that secure path to the studios' satisfaction. Am I right in this assumption?
Unless the DRM providers change their threat model, which sounds unlikely to me. Or distros start shipping signed and locked-down kernel modules that prevent the user from being root, which is again unacceptable to most (me included), we will likely be capped at 720p for some time now.
Yes. I tried using Chrome on Linux just to watch movies that I purchased on Youtube at HD/4K and watched as the stream was limited to 240P. IMHO regardless of what Google says in their ToS they have already broken the trust agreement by not providing what I paid for. Regardless of what the studios want, all this does is push me back towards piracy because once again the industry fails to understand that piracy is a accessibility problem, not a financial problem. If I pay for 4K then regardless of where I want to watch that movie it better be in 4K, that's what I paid for. Google hides behind their ToS to get around the fact that they sold me a product then failed to deliver.
> ChromeOS gets 1080p/4K not because it has massive market share but cause the hardware and boot chain are locked down by the almighty Google.
ChromeOS is based on Gentoo Linux underneath just very stripped down and Googlefied. It's the same BS that Bungee pulled with Destiny 2 and Linux. If you so much as dared to run Destiny 2 on Linux you would be banned. Stadia used Linux but because Google controlled the platform they allowed it to be played there.
These are the games they play to make other platforms that aren't MacOS/Windows appear like they are incapable but in reality it's just corporate greed and grift.
As far as I understand, on the mobile implementation not even the OS can access the buffers. So even with root you can stream L1 content but not screen record it
As do HDCP strippers. Judging by the availability of 4K Netflix content on torrent sites, I do believe the only people being prevented from watching their content are paying customers acting in good faith.
This isn't even a strictly Linux problem. On Windows, Edge has by far the best encrypted streaming playback using their PlayReady DRM. Many services like Netflix will only do 4K for Edge. Chrome is often 1080p, and Firefox was 720p last time I tried it.
Same situation on Mac where Apple's Fairplay DRM enables 4K playback in Safari, but Chrome and Firefox have the same limitations as on Windows.
Last time I tried to use Firefox on Windows as my daily driver, video playback was one of the biggest gaps that made me go back to Edge.
This is the way. Widevine is a cancer that only serves to lock down the browser market to a small handful of web engines that have been approved by Google. If your browser isn't based on Chrome, Firefox, or Safari you're out of luck.
Most people will not use a browser that can't open youtube videos and they know and exploit this with extreme precision.
If you are already paying for the streaming service that offers the content and they restrict you from watching because of your OS are you harming the industry by downloading it? Nothing is stopping you from buying a 4k webcam and recording your computer monitor.
You're already paying the monthly fee to stream it, you're just streaming it in a more friendly way. Granted if you cancel the service, you should delete the content.
Many won't though and that's the problem but that problem is caused by the fact that you're being restricted in the first place.
There are still other, non-trashy ways to record your screen. Motivated actors have no problem with such restrictions, as happens with everything. It is for exerting control over the normal users' behaviours and habits.
> I'm hopeful that some day Linux will have enough users where the media companies can't ignore them. Hopefully, that day is sooner than later.
Does YouTube and Netflix work? That's the lion's share right there. A lot of users probably don't even care about the other streaming platforms. I'm probably being too optimistic, but I think the upcoming Steam machines will have a significant adoption of the linux desktop. Microsoft is certainly working 'round the clock to alienate their users.
If you're using a "common browser" on Linux (Firefox/Chrome) Netflix should work, just at 720p for most of the content. If you're using a minor Chromium based fork the customized Chromium package provided by your distro it probably doesn't have Widevine by default.
The same is true for running a vanilla Chromium build on Windows, the big difference is the quality of content you can get on Windows can be higher than 720p in the mainstream browsers (as long as the rest of the system is compliant as well).
Yeah, and that leads to the DRM'd content in YouTube (like Movies & TV) not working for me in Kagi on Linux. Unless you're saying I've done something wrong and it really is working for you... in which case I may have some tinkering to do to find out what I did to break it :D.
One correction to my message above: apparently Chrome on Windows is still 720p for Netflix, it was Edge that had 4k support. Or you can install the Netflix App on Windows too.
One correction to my message above: apparently Chrome on Windows is still 720p for Netflix, it was Edge that had 4k support. Or you can install the Netflix App on Windows too.
I agree it's a bit silly, but I think a lot of people don't really care about quality so long as they can watch it. I guess that'd also explain how Netflix gets away with such low bitrates for even the "high quality" versions of content.
I don't think I've seen Netflix comment on this since a long time ago, but back in 2018 it was:
- 15% PC
- 10% Smartphone
- 5% Tablets
- 70% TVs
In terms of viewing hours https://www.statista.com/chart/13191/netflix-usage-by-device.... So definitely most viewing on TV, but still something like 1/3 of households with TVs don't have a 4k TV at all (as of 2025) in the first place. Hard to definitively say more since Netflix & others don't seem to publish the numbers often.
I'd love to find out I'm wildly wrong though and have a bunch of people willing to push Netflix to have higher quality content... but so many people don't even seem to pay for the premium plan with 4k (anecdotally, Netflix doesn't seem to publish numbers on that) that I'm not holding my breath as I sit here with UHD Blu-Ray quality instead :D. It seems like most people just want something quick to turn on in the background than something to really sit down and bask in every detail of.
> The sticking point like always will be media playback (read: DRM/widevine).
Probably true in general. But for me, that's not a sticking point at all. I don't care if a browser supports media playback or not.
What I do care about is the ability to enable/disable embedded code execution (JS, at the very least) at a fairly granular level. Does Orion allow for that?
DRM sucks, but the time to thrash against it is has passed. It's here, it's not going away, and users expect to be able to use their browsers to watch protected content.
Aren't we talking about the fact that it's not here (on Linux), and some people would like it to be?
The time to thrash against DRM will be when you can't get hardware that boots kernels which were not approved by your government. What we're doing now is trying to prevent that time from coming at all.
Having to watch protected media on a different device is a small price to pay.
I like what Firefox does: it allows me to just disallow Widevine entirely, which is what I do. That still allows others who want to use those things to do so. It's the best of both worlds.
My take is: you're welcome to the party, but don't be surprised if someone shows you the door when you pull out the drugs. It ain't our type of fun.
I understand various reasons why people are pushing for the adoption of open source software, but it will be counterproductive if it brings the problems of the commercial software world with them.
The actual important part is consumer-grade. Because WebKitGTK itself is already commercially incentivized, developed primarily by Igalia (a quite underrated firm regarding their contributions in open source) who are offering consulting services mainly in embedded-related industries.
> "DRM/widevine [...] is the graveyard where Linux browsers go to die"
Maybe it's not widevine L1 but Firefox has the widevine plugin enabled on my Debian 13. I don't remember I had to do anything except downloading Firefox from Mozilla and installing it.
Browser engine diversity doesn't matter. The only important browser diversity is in the browser itself. Multiple browser engines makes it harder for developers of websites due to divergence of the engines and it makes it harder on engine developers since there are less resources going to the same engine.
I don't disagree with you about a new browser being a good thing but ...
> If not, it will be a secondary browser for documentation reading only.
I don't even have sound on my main desktop PC: the one I use the most. The one I do all my "life admin" stuff from (banking, real estate, etc.), all my work emails, all my coding. I think sound works but I haven't bothered to plug in speakers to check (since three years, when I assembled the PC).
That's a bit more than documentation reading.
There are work environments where even just a sound emitted by a PC is frowned upon.
People who aren't into media consumption are not just "reading documentation".
I have to disagree with some of your points. No shade at Orin but WebKitGTK is a volunteer project. Having competition won't push WebKitGTK any faster because I am sure they are going as fast as they can. WebKitGTK already have a good list of features to add because they have other commercial browsers to compare themselves to, it's the speed that they can add them due to resource limitations. BTW, Firefox also runs on Linux. Also, nobody is installing a secondary browser for documentation reading only - what's the point of doing this?
Been a Kagi subscriber for a while, and am supportive of a more diverse browser ecosystem. However, I won't be using this browser as long as it is closed source. Honestly, the arguments made by the founder (I believe he's the founder anyway. I may be wrong) in the related feedback thread kind of soured me a little bit on Kagi. The arguments were essentially:
1. It's a lot of work to maintain an open source project accepting community contributions. Absolutely true, but that's not what's being asked for. Providing a tarball under an open source license doesn't add any significant work.
2. No one has asked for the Kagi backends to be open sourced, so why is the browser different? Obviously because I run the browser on my machine. Your backend runs on your machine.
3. We need to protect our IP. Then release it under a copyleft license. Or if you absolutely must, release your proprietary bit under a non-open source license.
4. You don't need the source because we send 0 telemetry, which you can verify using a network proxy. That's hardly the only thing to be worried about with a binary blob. Even if you kept the code completely closed source, by just releasing a tarball with the source under a proprietary license, I can build my own binary from source and eliminate this threat.
> Then release it under a copyleft license. Or if you absolutely must, release your proprietary bit under a non-open source license
An old mentor once said to me that a contract is just the start of a conversation. If you sign a contract, the other party violates it, and your business goes under... you may be able to get some compensation through courts, but also your business is gone. And getting that compensation and proving that the contract was violated and how much you are entitled to costs time and money.
Releasing something at all, even under a restrictive license, means nothing if you have no intention (or capability) of enforcing that license. Look at how often companies take GPL code, modify it, and then never publish their modifications... and then people have to sue to get things resolved.
So "We aren't ready to commit the legal resources to fighting and defending the licenses" makes a LOT of sense. IP protection is not just a matter of signing a piece of paper saying people can't do a thing, you have to actually prevent them from doing the thing.
> 3. We need to protect our IP. Then release it under a copyleft license.
No affiliation with Kagi, but I think you're dreaming if this actually would make a difference.
How many times has GPL'd software successfully been argued in court? Maybe four or five? Considering how many millions of software packages exist and how hard it would be to prove enough to bring a lawsuit/discovery request, I would be extremely surprised if there aren't thousands of GPL violations out in the wild that never go to court. I remember the source code to Spongebob Squarepants Supersponge violated the GPL [1], and that wasn't discovered for decades.
I am mostly ok with FOSS, and I don't love the idea of using a fully proprietary browser either, and I am probably not going to use Orion on Linux, but I don't think it's inherently wrong for them to want to keep any secret sauce close to their chest.
It seems weird to run a closed-source browser on an open-source operating system when so many open alternatives exist—I certainly wouldn’t do it, and I’m a Kagi customer.
I hope freediver will shed some light on the open source plans, because that's a deal breaker for me too. I'm a long time paying customer and huge proponent (even evangelist) of Kagi, but a closed source browser is just too many steps backwards for me no matter who makes it.
I get (though wouldn't necessarily agree with) keeping it closed while it's still in the works, but would like to know if the plan is to open source in the future or not.
Thank you! I'm obviously just one person, but I deeply appreciate your willingness to engage on HN, and your transparency and honesty about things (not just today, but also in the past). Makes me feel even better about being a paid Kagi subscriber.
Kagi founder here. Orion isn't open source yet primarily because we're a 5-person team that spent 6+ years building this and created significant IP doing so, and we're not in a position to defend our work against a well-funded company using it as a base (we care very much about the business model of the browser surviving). Restrictive licenses help in theory but enforcing them against a company with a larger legal budget doesn't.
We also see limited upside from community contributions - the number of people who can meaningfully work on a WebKit browser is small (from our experience hiring), and most of them already work at Apple or Kagi. Meanwhile, managing an open source codebase of this size would add real strain to our small team.
The plan is however to open source when Orion is self-sufficient (business model of Orion is you are the customer and can pay for it - like we used to pay for browsers 20 years ago before advertisers started paying for our browsing), meaning it can sustain its own development independent of Kagi Search. I want to take the opportunity to thank all people who supported the Orion browser vision [1]. We're not there yet but recent 1.0 launch and expanding to Linux are steps in that direction. And on Jan 1st this year we began development of Orion for Windows (HN exclusive yay!).
I understand this is unsatisfying to people who want source access now. It's a tradeoff we've made deliberately, not something we're hiding behind.
> The plan is however to open source when Orion is self-sufficient (business model of Orion is you are the customer and can pay for it - like we used to pay for browsers 20 years ago before advertisers started paying for our browsing), meaning it can sustain its own development independent of Kagi Search.
Orion will never reach "self-sufficiency" as long as you don't actually charge for Orion. Orion is completely free to use. I can donate to Orion+, but Orion+ offers no paid features; it's basically a Patreon. https://help.kagi.com/orion/orion-plus/orion-plus.html
(No major browser has ever sustained its own development independent of a search engine's funding, not even Netscape, which charged $40/seat in the 1990s, with a free "shareware" tier so generous that hardly anyone paid. Netscape was funded by advertising, especially from Yahoo search. Funding browser development entirely on donations to a commercial business would be completely unprecedented.)
What if, instead, you made Orion "source available" to paying customers, but not open source? You could merge PRs only from users who sign a CLA. (Users would file PRs out of charity, for the same reason they sign up for Orion+ today.)
> managing an open source codebase of this size would add real strain to our small team
Can you please elaborate what do you mean when you say this? This is something I do not understand. How licensing terms affect your codebase management beyond setting things up so the code is available to users?
Publishing something under a FLOSS license doesn’t mean anything except that you grant end-users certain rights (the four essential freedoms). The rest (like accepting patches or supporting external developers) is customary but by no means obligatory. You don’t have a capacity for it - don’t do it, easy. There are thousands of developers who do that - they just dump whatever they have under a nice license and that’s it.
Unless you’re saying your legal department doesn’t have capacity to handle licensing concerns, especially if you’re using or potentially using non-FLOSS third party components. That I can totally understand, it could be pretty gnarly.
Please don’t be mistaken: Free Software is a purely legal matter of what you allow users to do with your work - not some operating principles or way of organizing processes.
Note: All this said, I can understand that you may not want to grant some freedoms to the end users, particularly the freedom to redistribute copies, because this could affect your plans of selling the licenses. But that’d be a whole different story than codebase management concerns.
As I wrote, If the concern is that they cannot figure out a way to distribute it as paid software as others may redistribute it for free, that’d be a valid point of concern (and there are plenty of options). But that’s not what they’re saying.
Someone steals their work. Violates the license. To defend their rights Kagi has to sue or lay down. Not giving away the keys to the kingdom until that ability to defend is established just underlines that they're doing valuable work.
Pardon my skepticism but I don’t believe that’s a realistic threat model. Yea, purely hypothetically that could happen. But realistically, why would someone do that - what’s the point? Especially so it’s severe enough to warrant a serious legal battle that takes more than a few sternly worded DMCA-like emails to hosting providers?
Mind you, if we’re talking about hypotheticals, someone can ship a differently branded or malware-ridden (or idk what else, my imagination runs dry pretty fast here) version of their binary distribution without any source code access just fine, violating licensing all the same. Patching unprotected binaries is pretty easy, frequently much less demanding than building from source. And with all due respect to the good work they’re doing, I highly doubt Orion team needs to buy a Denuvo license, haha.
(And, as I said, it’s not even remotely what they wrote.)
Are you looking for people who worked on WebKit in the past?
I really hope you refactored WebKit's Bridge, because it allowed a lot of exploits in the past, and was neglected upstream by Apple.
When I started my RetroKit fork I was aiming to reduce that attack surface while offering farbled apis based on other browser behaviors and their profiles. [1]
My fork has been neglected a bit due to lack of time, as I'm currently still busy with other APT related things before I can get back to it.
Would love to chat whether your plan is to open source your WebKit fork, maybe there's some overlap and we can work together on it?
(I currently hope that ladybird will be getting into a more forkable and modular state, because servo passed by that goal a long time ago).
I've found a few that work but many can be buggy or non-functional, just depends on the extension. The only one I use currently is called "Control Panel for Twitter", which seems to work pretty well.
Having access to the source is just one part of open source.
The state of webkitgtk is a bit rough, as I’m sure you and your engineers have noticed. The other part of what open source means to people is that you contribute back to the open source code you used to build your business, lifting all boats in the process.
What people certainly do not want to see is Kagi pull an Apple: utilize FOSS to the extent it helps you but return nothing but “thanks everyone but we got ours”.
earlier in the thread I read nhe plan was to release the source "when it has merit" But that instantly left me with the feeling that the authors of the browser, and I have very different opinions on what the word merit means. Such that they would be incompatible, and I'd never want to use it. This is a decision that has lowered my opinion about exactly how much I can trust Kagi.
> Kagi founder here. Orion isn't open source yet primarily because we're a 5-person team that spent 6+ years building this and created significant IP doing so,
But it's possible I haven't considered some detail where I might agree it's reasonable. Can you describe or offer any insight into the "significant IP" that you need to protect and defend? What threats from a larger company are you primarily concerned about?
The GPL has pretty good legal precedent, and so does the MPL in the browser space (though, Firefox has mozilla behind it so it gets the enforcement benefit). If the SFC wins its vizio case, would you look into freeing orion?
uBO is not technically working on Orion for iOS. We do not have permissions to run certain web extension APIs on iOS needed for uBO feature set. The adblocking you witness is thanks to built in native adblocker in Orion.
We support Kagi across products. We believe alternate browser engines keep the web standard. We give more weight to that than to whether a particular browser's value add (on top of a double digit* but non-hegemonic engine) is open.
We believe software and hardware creators have a right to choose their business model and let that model compete, as Kagi's is competing right here in this thread.
* Having worked at mega banks etc., they do look at these numbers to decide whether to invest in standards support or slap on a "Requires IE" button.
I am generally ok with things being proprietary if they want, and I'm mostly ok with Orion being proprietary, but I do understand peoples' issues here.
For a lot of people (even relatively geeky people), their computers end up being "an interface to use a browser". People use their browser to file their taxes, to write their documents, to manage their websites, to create websites, to look at porn, to pirate movies, to chat with their friends, to send/receive money to their bank, and a whole bunch of other things.
It would be hard to imagine a piece of software that is capable of knowing me more intimately than my primary web browser, and as Google has proven, this intimate knowledge is valuable. Companies pay boatloads of money for large quantities of personal information to target ads (and probably a bunch of other more disturbing things).
I genuinely don't think freediver is lying; I believe him when he says there's no telemetry data being sent and that it's not tracking me, but there's the sticking word: "believe". I have to trust him, which wouldn't necessarily be the case if it were FOSS.
Now, granted, I could always run Wireshark or something to ensure that there's no telemetry data being sent regularly, but that only protects you so much; for all I know, they could be taking steps to actively make it look like they're not sending data, or they could be batching up N days of data and sending it in batches so it is not as obvious that telemetry is sent.
Again, I genuinely don't think they're doing that, I believe them, but I do see peoples' points.
I would ignore the haters, keeping Orion proprietary makes the most sense for being able to successfully charge for it as a commercial product. You can't sell an OSS product, only supporting services, as many many startups have realized and been forced to relicense to much anger within their respective communities.
And when the market is going to be primarily technical people I don't think you can trust them/us with source-available either as hackers with a strong aversion to paying for software thinking themselves clever will make and distribute bootleg builds with the license checks removed. Then you'll have to spend your time finding and DMCAing them which will only make people mad. Best to avoid it entirely.
I appreciate you/Kagi actually thinking about building a sustainable business in contrast to companies that open source their core competency and then fail to make money later.
Come home? It never left it. Konqueror, the software where it all started, still is a core KDE app. WebKitGTK, arguably the most portable WebKit distribution and what Orion itself uses, has always been Linux-first.
I can’t speak to whatever konqueror uses these days but webkitgtk is notoriously behind and difficult to work with. You can read posts from the Tauri devs questioning their entire approach on Linux due to it.
I really hope Kagi contributes back upstream to improve the situation, it’s needed.
Edit: looks like konqueror uses qt web engine which is chromium. The irony of the KDE browser abandoning WebKit while the GNOME browser still tries to use it is too much.
Why does it seem weird? I run a lot of proprietary software on linux. Actually made a career of it. I also run a lot of open source whenever I can, but I'm pragmatic about the whole affair. I think most users are like that.
Just curious, but is this really a big deal? As a customer, you already trust Kagi enough to feed them your entire search history, so I guess you don't think they're bad actors. Thus, why you find problematic the (momentary?) "unopeness" of the browser? I'd gladly try it (I'm on Arch), even just out of curiosity (unlikely to make it my main, though).
Jeez, downvoted for asking about context? People, calm down.
Requiring it to be open source is not just about trusting the publisher. There are a bunch of other possible reasons, including wanting to support open source as a counterbalance to proprietary software.
For me, it's a big deal (although not a dealbreaker) for that reason. If I have the option of two different pieces of software, one being open source and the other proprietary, I'll choose the open source one every time unless there's something really exceptional about the proprietary one. But that's very rare.
I was just trying to think of any proprietary software I use outside of work (where I don't have a choice) or games. There must be at least one, but I can't think of what it is.
Because Kagi Search is a service I subscribe to. A browser is a program I install. That difference means everything.
But since I have your attention, I just want to add that I'm a huge fan of Kagi Search and it's well worth the money I spend for it. I love the work you guys are doing, and that love is the reason why I'm even thinking about using Orion. But they are two entirely different use cases.
I am pretty sure the expectation would be different if Kagi search could be self hosted. Linux people have come to expect open source for code they run on their own machines. Historically closed source Linux software has run into a lot of problems with dependency version mismatches as libraries get updated through the distributions package manager.
I'm not the one running Kagi on my computer, and the expectations of software ran over a network are and should be different from software I run on my computer
About half a year ago, I ran into an instance of a user who requested more openness[0] regarding the sources Kagi used - initially there was a list that was available, and then it was removed. I know it's not exactly the same, and it's been a long time since that request was made, but if you happen to read this, I second their request.
Personally, I think it would be incredible if you open sourced your search engine. But like someone else said more eloquently, software runs on our computers. And to me, open-source software is table stakes when there are viable alternatives.
There aren’t great open-source search engines, so I’m moving from one proprietary option to the next. But there are great, open-source browsers already, and I refuse to go backwards.
If a good, open-source search engine were available, I would leave Kagi for it.
I can build it myself and skip that step. Or, if the build process is reproducible, you can make trust less of an issue by having a small handful of independent people run their own builds and post their signatures. That way you need those people to all collude with Kagi to forge a bad build. This is how e.g. bitcoind binaries are handled.
They give you a key and only if you have a higher tier account. The act of doing that requires that there is a step in the process where they know you’re requesting a key and who you are. They could bind them in the backend if they wanted, before giving it to you.
You’re still trusting them. Not to mention they could round them all up by IP or browser fingerprinting.
There is still some level of trust.
I happen to trust them enough for that; but it is still trust.
I am not an expert in the underlying cryptography, but the claim is indeed that the cryptographic approach makes it impossible for them to link the key to the queries in the backend.
Sure! But there is a stage where they generate those keys for you and give them to you. You need to be logged in to get that page. That is trust there.
No, issuer-client unlinkability is a feature of the design. The token is finalized by the client using private inputs so Kagi never actually sees the redeemable token (until it's redeemed).
Using the example doc you’re citing from kagi.com - though not the RFC, I don’t have the time to dive into that one at the second, I see that a session token plus some other stuff is passed in and a token comes out.
Where does it show that on the Kagi backend they couldn’t, theoretically, save the session key before performing the token response?
Sure, they probably do. Doesn't matter because neither the session key nor the token response can be linked to the tokens.
If you're not going to make an effort to understand how it works, don't make assertions about how it works. Ask your favorite LLM about the RFC if you have any further questions.
Because free (as in the FSF definition) software should be a human right. We deserve to know how our tools work and be able to improve them and use them as we please. Free (as in freedom) software doesn't need to be monetarily free either. Make it so the purchase of orion comes with the binaries and a copy of the source code, or provide it on request. This has proved to be sustainable before, arguably the defacto standard for pixel art is (or was before a license change made it so you can't redistribute the source code) free software, despite costing money
Google started as a company that seemed worthy of trust. The founders had ideals and followed them. Look what happened. Companies can turn evil surprisingly quickly. I'm also a Kagi customer, but I wouldn’t use a closed-source browser either.
Yeah. The only webkit browser on linux aside from orion is GNOMEs browser (which frankly kinda sucks, which is why I want orion open-sourced so that GNOME can take its work on webextentions when they become supported)
Wild that I can't use Kagi in Safari on iOS, where my search options are still locked down to three~four Apple-approved choices, of which at least one is just a multi-billion-dollar paid product placement.
(Yes, I know about the extension that hijacks your searches to redirect them to Kagi, but how is that an acceptable state of affairs?)
Since search engines are queried with a URL with a parameter for the search term, browsers could simply allow "power users" to enter a custom URL. Voilà — support for every imaginable search engine and they can still make their billion dollar deals for providing default search engines. That's how Firefox does it.
I just tested Brave. It's possible to set anything as the default search engine, but the UI hides it really well. They sure don't want you to find out. You have to add it as a site search first (which is a different section), then you can make that "default", which moves it up to the search engines and makes it the default search engine.
And sure enough, Safari on macOS seems to not allow it at all (needs extensions).
I was completely surprised as soon as I read your post that you couldn't add search engines on safari, and then I was completely unsurprised a moment later.
This upsets me as well. I’ve sent Apple feedback[0] about it, I suggest others do the same.
I wanted to use Safari at work, but this proved too big of a barrier. I can’t use the App Store at work, so no extensions. I was more willing to give up Safari than Kagi.
Just submitted feedback as well. This is honestly what’s holding me back from buying a Kagi subscription at this point. Here is what I submitted:
I’m requesting that iOS Safari allow users to set any search engine as their default, rather than limiting choices to a pre-approved list. Currently, Safari only offers Google, Bing, Yahoo, DuckDuckGo, and Ecosia, preventing users from choosing legitimate alternatives like Kagi.
While workarounds exist, they’re cumbersome and don’t provide a seamless experience. Please consider allowing users to add custom search engines as default options, similar to macOS Safari. This would enhance user choice without compromising security.
If you can tell me what phone can give me access to all the standard apps I would need, has good build quality, doesn’t funnel my data to Google, is backed by an entity capable of providing multi-year device support, has cloud storage integration that lets me keep my data securely offloaded from the phone’s storage, can handle modern apps and websites as far as performance, has a very good camera, and has the equivalent of AppleCare such that if/when I shatter my screen I can replace it for $30, I am all ears.
I have a Pixel 8 running GrapheneOS and it does most of the above:
- slightly lesser build quality than my iPhone 15 Pro but comparable
- doesn't funnel data to Google unless you explicitly let it, you can circumvent a lot of the Google Play stuff by restricting permissions and using Aurora Store
- is backed by, well, Google and the Graphene team porting over security updated. They have a fairly good track record by now.
- can use any of the N backup services that already exist unlike the iPhone's silly restriction on background apps
- don't notice performance differences between it and my iPhone 15 Pro in day to day use. If anything, biometrics are way faster on the Pixel since iOS 26 made FaceID slow as molasses for me
- the default camera is pretty good (uses all the Pixel fancy processing hardware) but if it's not good enough you can just install the stock Google camera which works fine. You can turn off network access if you don't want it snooping. Photos are neck and neck with the iPhone but the iPhone is way better at videos, no Android phone has cracked that yet IMO.
- Yeah, but no other brand can give you an AppleCare experience. Best option is phone insurance and just getting a new Pixel if that happens. Graphene can do full device backups via Seedvault and it's not that much more of a pain to restore compared to an iPhone backup. Granted, it's jankier but it's not impossible. The other issue is that Pixels are not a thing in a lot of countries, Apple really has the edge here but I'd take that risk over the UX shenanigans they pull nowadays with their latest updates (god is it awful)
I haven't found one. I don't carry a phone unless I have a specific reason (ie: gps). I use my desktop or tablet (Daylight Computer) with a voip service (jmp.chat) when I need to use a phone number, and I carry a Sony ZV-1 in my pocket for my camera.
I tried it recently when the macOS version went to 1.0. Dealing with tabs felt more cumbersome than Safari and I ended up switching back. Safari is better at getting out of my why, which is probably why I always go back to it. This has been a pattern for a couple decades now.
I've been a Kagi user for months now and was really looking forward to testing this. However, I cannot find the download link. The page does not really contain any information on an actual release.
EDIT:
I found this in the docs:
> The alpha version of Orion for Linux is currently only available to [Orion+ supporters](../orion-plus/orion-plus.md) and can be downloaded from the [Billing Dashboard](https://kagi.com/settings/billing) under the Orion browser section.
So I still can't test this. Only for Orion+ supporters.
Previously, my comments on Kagi were about one thing: counting queries felt like a chore, so I stayed away. I did give it a try mainly for the privacy angle. After that, I switched to Perplexity and was happy for a year, until the familiar VC backed pattern showed up: ads, even for paying users. This year I upgraded to Kagi Ultimate, and honestly, it feels like they’ve found the sweet spot. I hesitated at $25 at first, but the search experience plus the assistant (and the ability to pick the models I want) along with privacy won me over. I’m also familiar with Orion since I use it as the app for kagi experience for AI chat and search. It could use an update for better assistant experience. Keep up the good work, Kagi.
I love Kagi. I understand the niche this fills. I even understand not open sourcing it yet.
But what I really miss is a self-hosted sync server. I don't want to use a browser without sync, but I also don't want to trust this data with any 3rd party other than myself.
It's one of the main reasons I'm using Firefox, since that is the the only browser that even vaguely supports this - albeit not well.
I tried the macos and ios versions of Orion yesterda and it was a great experience.
I've used Brave from the beginning but it has become bloated with web3-related stuff and has outdated UX (imo) on mobile.
Orion desktop is inspired by Safari, Arc in a best way. Ad-blocking and chrome/firefox extensions from the beginning, convenient vertical tabs, mature level of ui customization.
Orion has come an extremely long ways on iOS and macOS. I daily drove it for a couple months maybe a year and a half ago and it had a lot of little rough edges and was slightly broken on a number of websites.
I’ve picked it up again as my daily driver as of the new year and haven’t had a single issue yet. It even blocks ads in YouTube now - only Brave did that previously.
For me - Brave was the best browser product. It’s ad blocking is truly phenomenal and nearly every site “just works”. But I don’t love the ethics of Brave and certainly not its founder. So I am extremely excited to have Orion take over that niche of the browser space that I most care about.
That's why I hope Brave will eventually launch Brave Origin, a buy-once premium build of Brave, despite the previous large backlash against it from Internet users (especially on Reddit). I like the idea of a paid but well-made, no-nonsense, no-bloat, no-ads, etc. browser, and I feel like Brave developers wanted their browser to be like that, but the pursuit of revenue stream led them to sidetracking into crypto, AI, VPNs, ads business, et al, and all the controversies over the years that came from that.
In the meantime I'll give Orion a try as soon as they introduce cross-device sync.
Also I had never heard of Brave Origin before. This is interesting. I suppose it depends on price but I may consider switching to this on Windows and Linux when it’s available.
I used it for close to a year and abandoned it because I kept running into issues with tabs getting randomly reloaded and extensions causing trouble.
What would you say has changed over the past few months?
I just felt like Kagi wasn't prioritizing Orion development enough, being busy with their main Kagi subscription and all.
Are you talking about on macOS or iOS? On macOS I think the 1Password extension has always worked for me? At least it definitely does now. What issues did you have with it? On iOS I don’t use the extension - I’ve got 1Password set up as my default password store there.
I hope they upstream their implementation of Web Extensions to WebKit.
I'm not interested in using a proprietary browser, and hope for a release under a free license at some point. But a free WebKit-based browser with Web Extensions could have interesting properties regarding battery life on mobile GNU workstations.
If there's one thing they should release as free software it's this. I'd be disappointed if Orion never becomes free software, but it would hurt a little less if GNOMEs epiphany could benefit from the extension support
I think this is great. True native Linux-first power user browsers are nearly an entirely unserved niche. We've had them on macOS in various forms over the years (with OmniWeb being the original), but for a long time the only browsers built to integrate well with Linux desktops were minimal and light on features (like the WebKit version of GNOME Web/Epiphany).
It probably matters less to Linux users who do the minimal tiling WM thing, but as someone more drawn to traditional floating DEs it's always bothered me how alien the browsers one might actually want to use feel running in a GTK or Qt DE. Themes can help reduce the gap, but it never disappears — that last 10-20% always remains as an unavoidable side effect of how the big browsers are built, with it being particularly pronounced with Firefox and derivatives.
Of course a GTK based browser like Orion isn't going to feel the best under a Qt desktop like KDE, but GTK themed to match Plasma is a good deal closer than the bespoke UI found in e.g. Firefox or Chrome.
Firefox fills this niche fine, and it's actually Open Source to boot. The community doesn't really have a need for a "Linux-first" browser that treats Linux like a second-class, alpha-quality citizen.
I can't agree. Firefox is great, but I think its UI drags it down in various ways. It being built the way it is was a boon back when extensions were capable of radically changing the browser's UI, but now it simply puts a (unfortunately low) hard cap on how excellent its UI can be.
Funny enough, Epiphany used to be a more power user oriented browser, and it used to be powered by none other than Gecko. Unfortunately, Mozilla killed embedding in Gecko and that (along with related projects like Camino and K-Meleon) came to a screeching halt and Gecko became hard coupled with Mozilla's UI decisions.
Love to see it. I've been a paying Kagi member for three years (!), and for now I trust them more than Google, but I echo the other users' concerns that to switch to this long term I'd want it to be open source.
I first used Orion a couple years back and it was already pretty good back then. Super cool to see it coming to Linux!
I must +1 that no matter the platform (this criticism is not limited to Linux), the open source option is almost always my choice, especially for something as important as a browser. This is a big reason I don’t use Orion today, even though I have big issues with the other available browsers.
If I'm a linux user who uses firefox currently, what's the value prop for this browser? I already get privacy and extensions, is it just for testing my app on webkit?
The main benefit is that Orion (contrary to Firefox) has a business model. The downside is that it's not open source. They have some explanation on why, but it might be a deal breaker for someone.
You can already test a site on a webkit engine in Linux using Gnome Web (previously Epihany) or LuaKit ( https://luakit.github.io/ ). But it is always good to have options, even if commercial ones. From that aspect Orion on Linux is good news.
Is the Kagi Orion browser going for the "we hate loading and looking at ads, and maybe this is better than Chrome with uBlock Origin Lite" demographic?
(They don't seem to be going for the "serious, clueful privacy and Internet freedom" demographic, or they wouldn't be using Discord.)
There is some strange irony in this. Apple initially used the khtml code-base to build Safari but it quickly became impossible to back-port the changes from the Safari branch of khtml back into Konqueror. Now, 20 years later, someone has made an open source version of Safari.
I'd like Psylo [1] to be available on other platforms like Linux and MacOS. Psylo puts each tab behind a VPN and give them their own cookie storage space. It feels like a dramatically more private tool than Orion.
I tried Orion in Dec 2025 and it crashed more frequently than I could handle. It and/or VPNs I was using worked poorly with websites that I want to keep a page open on for days at a time.
I love what the kagi team is doing, and being some of the first innovators maybe since the ladybird(?) browser, even if it's using the same base of webkit, not being a fork of chrome or firefox. I wish they'd bring it to android, but it doesn't look like they're interested.
Kagi is a pretty small team and they’ve got a LOT on their plate. Orion started on macOS and was in development for 6 years before finally hitting their 1.0 release in November. Give it time - I’m sure they’d love to support just about every major OS and platform.
It is interesting that they don't mention future Android support anywhere on the website, but it does seem like they are (or at least were) open to the idea someday.
Nice. But I stopped using Orion on macOS when they stopped offering complete offline installers. They taut they are a zero-telemetry browser, as proof that they are privacy conscious about user data, and that was a good feature and overture. But then when they create technical avenues to (possibly) bypass that (like using online installers that can do all kind of data collection) it becomes harder to trust them as it follows the tried-and-tested path of other companies that have claimed to care about user privacy, to increase their user-base, and then betrayed their customer base by harvesting their personal data.
I really like Kagi because of all the features and just generally letting me be a user instead of a product, but they have some weird kludges sometimes.
The weirdest choice at the moment is by default Kagi sends a referrer when you visit a search result. There's currently ~65.000 Kagi subscribers worldwide, so just that lone data point completely destroys any anti-fingerprinting you're doing. And probably these subscribers are divided among time regions, so not all are active at the same time.
Even if you are on a VPN and visit site #1, then site #2, you are already cross-site trackable because it is very unlikely you are on the same VPN vendor (and endpoint) as the other subscribers. If you add in more data points like browser, OS, screen size and the like it becomes even more grim.
They have the referrer enabled because it helps make admins aware I guess.
You can turn it off (Settings > Privacy > Hide Kagi referrer), but defaults matter.
Thanks - I also turned it off. I guess it's a marketing thing for them, but it feels like it goes against the ethos of the company. Particularly given the fact they are clearly aware of this as they put it in the 'Privacy' section.
> online installers that can do all kind of data collection
"Can" is doing a lot of work here. A browser's whole purpose is to be online, after all. If they were trying to collect information about you, they really don't need the installer to be the thing that does it. It would be an impressive reversal of their whole premise as a business if their browser's installer was the piece that was violating your privacy and not, you know, their whole service (that you have to be signed in to).
> If they were trying to collect information about you, they really don't need the installer to be the thing that does it.
They do, if they are being duplicitous about their intent to not harvest user data.
If their browser was a data harvester from the get go, no one who is aware, and worried, about surveillance capitalism would have bothered to use it. And note that they had no problem in offering offline installers in the beginning. Now, once their base has grown, if they have a malicious intent (now or in the future), they can use the online installers to gather our personal data surreptitiously - for example, by profiling our hardware and (if you already had Orion installed) our settings, our bookmarks, our browser history etc. and use that commercially. It also allows them to install unwanted software on our computer in the future (I don't know if you are old enough to know - look up the browser toolbars era).
If their intent to respect a user's privacy is honest, offering an offline installer shouldn't be a big deal. (As far as I am aware, apart from Apple Safari, they are now the only browser that don't offer an offline installer).
> A browser's whole purpose is to be online, after all.
Not its whole purpose. I use browsers offline fairly often.
Offline installers (for any piece of software) are important to me because they allow me to keep a backup of the installer and won't restrict me when I don't have internet access. Keeping a backup is important because it lets me install older versions of the software when needed.
I respect your choice, but browsers are the one piece of software that you never, ever want to run an outdated version of. Websites really just don't stop working for new versions of browsers; browser/standards compatibility essentially only improves with time. The only thing you're getting with an old version is all of the security issues.
Guessing: it's not Blink, but it's easier to work with than Firefox's engine. I know people fork FF, but I vaguely recall hearing the engine itself was harder to separate and integrate into other systems. I'm sure someone closer to the issues can correct me.
You have to use the system Webkit though, right? So even though Orion is based on Webkit they are still constrained compared to other platforms, where they can patch the engine if necessary.
chromium is the devil and I understand them not using it, and when Orion started development firefoxes engine wasn't really re-usable iirc. Plus it started life on MacOS
I think Kagi at this stage have a better reputation than Mozilla, and Chromium is not seen as sufficiently independent from Chrome, and hence from Google’s anti-user decisions.
That said, closed source is still a deal breaker for a browser for me, or I’d probably already be using Vivaldi.
The built in ad blocker is phenomenal. Only Brave is as good on this front. It supports extensions from both FF and Chromium. It has a really neat integration with Kagi private search in private tabs. Kagi as a company has generally pretty good ethics and respects their users. That’s enough to make it compelling for me.
> It has a really neat integration with Kagi private search in private tabs
What's the integration you're referring to here? This was something I was interested in, but as far as I can tell if I enable Kagi Privacy Pass it's enabled browser-wide, not just in private tabs.
Ah - I just did not realize that privacy pass was available as extension to other browsers but of course that makes sense. It’s built in to Orion. You still have to enable it when you switch to private tabs. It’d be nice if it was automatic!
Orion is using WebKit. Chromium itself was a fork of WebKit. I don't know how much Chromium code gets upstreamed to WebKit any more, but Google certainly doesn't control it the way they do Chromium.
WebKit development is mainly driven by Apple, which isn't great from the perspective of having a browser free of corporate influence, but I trust them more than Google.
Nothing, really, other than it being closed-source, based around Webkit and to be sold/distributed under the Kagi moniker. If that combination scratches your itch this is for you, otherwise there are many alternatives.
I use it as my main browser on Mac and iOS since some time. It's stable enough, but there are _some_ sites that will not work. They are very few, but it happens. When it happens at the end of a long process (maybe registering) it's particularly painful, but in general it works just fine.
That was my experience like a year and a half ago too. I switched back with the new year (and also realizing it finally went 1.0 around Thanksgiving). It’s only been a few days but it’s been totally stable so far!
Most Linux users couldn't care less whether or not their software is open source. They are drawn to Linux for practical benefits, not ideological ones.
Most Linux users don't care, full-stop. It's the distro maintainers that decide which browser is default, and a proprietary browser has no shot at replacing Firefox in this regard.
A closed source wrapper around a web view? I have to advise that no one install, never mind use, this closed source, proprietary blob. Especially not for anything confidential like banking, health, etc.
Lowkey I wish Perplexity would do this for Comet, idk why but I use the heck out of their browser on my Mac. I dont always use the "browser agent" stuff (lol!), and I dont use it for EVERYTHING, but you spend so much time looking things up, and sometimes its nice to just be able to highlight text on a page and go "yo ELI5 this for me pls I feel dumb" and it just does it.
This is a healthy thing to happen to the Linux browser ecosystem imho.
We talk a lot about browser diversity, but on Linux and Windows, it is a lie. You have firefox (gecko) and fifty flavors of chromium. Webkit on Linux has essentially been relegated to embedded devices or the GNOME epiphany browser, which I'll admit while is a noble effort, lags a bit in the stability and power-user features department. Big reason for that is that it lacks the commercial backing to keep up with the modern web standards rat race.
Kagi bringing orion to Linux changes the calculus. It introduces a third commercially incentivized, consumer-grade engine to the platform. Even if you never use orion, you want this to succeed because it forces WebKitGTK upstream to get better, which benefits the entire open source ecosystem.
The sticking point like always will be media playback (read: DRM/widevine). That is the graveyard where Linux browsers go to die. If Kagi can legally and technically solve the widevine integration on a non-standard Linux webkit build, they win. If not, it will be a secondary browser.
> Webkit on Linux has essentially been relegated to embedded devices or the GNOME epiphany browser
Don't forget about https://falkon.org. It's a browser I enjoy using. WebExtension support will be big if it lands in Orion though.
EDIT: apparently Orion is not open source. Not particularly interested in a closed source browser, TBH. In 2022 they said they plan to open source "when there is merit"[1], whatever that means. No merit yet, it seems.
[1] https://orionfeedback.org/d/3882-open-source-the-browser/2
As a Kagi user for years now, I am very interested in a Firefox/Chrome competitor but I will absolutely not use Orion until it is open source.
Just curious: what browser do you currently use? Firefox, Zen?
I'm currently using LibreWolf on desktop and Firefox on Android.
Falkon uses QtWebEngine, essentially a Chromium (Blink&V8) wrapper. QupZilla, its predecessor, was using QtWebKit. Otter & kbd-driven qutebrowser (two other Qt browsers) for time, and maybe still do, simultaneously supported both.
Same for me. Using a proprietary browser is not quite as bad as using a proprietary OS, but it is a distant second. Hopefully they figure out whatever merit they are waiting for...
I find it strange because it seems to me that outside of their bread and butter products (Kagi Search, Assistant), there really isn't a business secret or proprietary technology to keep secret no? Perhaps integrated browser LLM tooling they don't want to give out for free.
Not too much speculation needed as to why: data collection which is then used to enhance both their Search and Assistant products + they can easily start pushing their search and assistant through the platform once adoption is high enough and people who are used to Orion will more easily be convinced to just fork up a little money for continued or slightly improved features/access
It's more likely it has to do with all the work they're doing to getting the WebExtension API to work with WebKit which is a main selling feature for the MacOS version - using firefox and chrome extensions in a webkit-powered browser.
And esp for the iOS version, where there are not many options for using extensions in other browsers. The only browser there that can use UBO, afaik. In MacOS it is a bit too buggy for me for daily use, ymmv.
Orion does not collect telemetry data [0].
[0] https://orionbrowser.com/privacy
What about their online installers, without which you can't install it?
As a data point, the Orion Alpha is a Flatpak. Not sure about the telemetry status with that.
How do you know that? Source is closed. Is a network analyzer enough to determine?
> Source is closed. Is a network analyzer enough to determine? Or do a search and give arguments why it's not enough ?
Because their entire continued existence depends on maintaining a reputation of preserving privacy?
People usually don't compile their browsers from source anyway. And of course, technically, a program can check whether monitoring tools are running and adapt its behaviour accordingly, but this is malware territory and it makes no sense for any reputable browser. Also, technically, one can do that on router level anyway and not have this issue. So yes, I would say that analyzing the network is enough.
That is in fact some pretty wild speculation.
> The sticking point like always will be media playback (read: DRM/widevine). That is the graveyard where Linux browsers go to die.
The Orion Alpha is happily playing back Youtube video's at 4k for me out of the box.
Confirmed it just now with this one to make sure: https://www.youtube.com/watch?v=mFG3Ah-zf18
> The sticking point like always will be media playback (read: DRM/widevine). That is the graveyard where Linux browsers go to die. If Kagi can legally and technically solve the widevine integration on a non-standard Linux webkit build, they win. If not, it will be a secondary browser for documentation reading only.
I'm hopeful that some day Linux will have enough users where the media companies can't ignore them. Hopefully, that day is sooner than later.
It's pretty frustrating that peacock (and all xfinity streaming) doesn't work and you can't get 1080p or 4k on most other streaming platforms.
Hmm good point. The issue is also the distinction between widevine L1, i.e hardware-backed DRM and L3 (the software backed one).
Correct me if I'm wrong but to stream 4K, studios require a hardware root of trust and a verified media path. They need a guarantee that the video frames are decrypted inside a trusted execution environment and sent directly to the display without the OS kernel or user space being able to read the raw buffer.
AFAIK Windows and macOS provide this pipeline at the OS level. OTOH, ChromeOS gets 1080p/4K not because it has massive market share but cause the hardware and boot chain are locked down by the almighty Google.
On desktop Linux, where you have root access and can modify the kernel or compositor to inspect memory, there is technically no way to guarantee that secure path to the studios' satisfaction. Am I right in this assumption?
Unless the DRM providers change their threat model, which sounds unlikely to me. Or distros start shipping signed and locked-down kernel modules that prevent the user from being root, which is again unacceptable to most (me included), we will likely be capped at 720p for some time now.
> Am I right in this assumption?
Yes. I tried using Chrome on Linux just to watch movies that I purchased on Youtube at HD/4K and watched as the stream was limited to 240P. IMHO regardless of what Google says in their ToS they have already broken the trust agreement by not providing what I paid for. Regardless of what the studios want, all this does is push me back towards piracy because once again the industry fails to understand that piracy is a accessibility problem, not a financial problem. If I pay for 4K then regardless of where I want to watch that movie it better be in 4K, that's what I paid for. Google hides behind their ToS to get around the fact that they sold me a product then failed to deliver.
> ChromeOS gets 1080p/4K not because it has massive market share but cause the hardware and boot chain are locked down by the almighty Google.
ChromeOS is based on Gentoo Linux underneath just very stripped down and Googlefied. It's the same BS that Bungee pulled with Destiny 2 and Linux. If you so much as dared to run Destiny 2 on Linux you would be banned. Stadia used Linux but because Google controlled the platform they allowed it to be played there.
These are the games they play to make other platforms that aren't MacOS/Windows appear like they are incapable but in reality it's just corporate greed and grift.
I'd imagine only SteamOS on the GabeCube could make this guarantee on Linux
As far as I understand, on the mobile implementation not even the OS can access the buffers. So even with root you can stream L1 content but not screen record it
> They need a guarantee
s/need/want/ but yes.
> Correct me if I'm wrong but to stream 4K, studios require a hardware root of trust and a verified media path.
Oscilloscopes and signal analysers exist.
As do HDCP strippers. Judging by the availability of 4K Netflix content on torrent sites, I do believe the only people being prevented from watching their content are paying customers acting in good faith.
This isn't even a strictly Linux problem. On Windows, Edge has by far the best encrypted streaming playback using their PlayReady DRM. Many services like Netflix will only do 4K for Edge. Chrome is often 1080p, and Firefox was 720p last time I tried it.
Same situation on Mac where Apple's Fairplay DRM enables 4K playback in Safari, but Chrome and Firefox have the same limitations as on Windows.
Last time I tried to use Firefox on Windows as my daily driver, video playback was one of the biggest gaps that made me go back to Edge.
You can work around the Widevine issues by pirating the content you're interested in.
This is the way. Widevine is a cancer that only serves to lock down the browser market to a small handful of web engines that have been approved by Google. If your browser isn't based on Chrome, Firefox, or Safari you're out of luck.
Most people will not use a browser that can't open youtube videos and they know and exploit this with extreme precision.
If you are already paying for the streaming service that offers the content and they restrict you from watching because of your OS are you harming the industry by downloading it? Nothing is stopping you from buying a 4k webcam and recording your computer monitor.
You're already paying the monthly fee to stream it, you're just streaming it in a more friendly way. Granted if you cancel the service, you should delete the content.
Many won't though and that's the problem but that problem is caused by the fact that you're being restricted in the first place.
a 4K webcam recording of a screen will produce a trash copy that isn't notably better than ripping off the 720p you can already screen record.
There are still other, non-trashy ways to record your screen. Motivated actors have no problem with such restrictions, as happens with everything. It is for exerting control over the normal users' behaviours and habits.
Figure of speech.
But the browser still won't get mainstream and will eventually die.
Perhaps a blessing in disguise. You're not missing out on anything of value.
> I'm hopeful that some day Linux will have enough users where the media companies can't ignore them. Hopefully, that day is sooner than later.
Does YouTube and Netflix work? That's the lion's share right there. A lot of users probably don't even care about the other streaming platforms. I'm probably being too optimistic, but I think the upcoming Steam machines will have a significant adoption of the linux desktop. Microsoft is certainly working 'round the clock to alienate their users.
YouTube does, Netflix doesn't
If you're using a "common browser" on Linux (Firefox/Chrome) Netflix should work, just at 720p for most of the content. If you're using a minor Chromium based fork the customized Chromium package provided by your distro it probably doesn't have Widevine by default.
The same is true for running a vanilla Chromium build on Windows, the big difference is the quality of content you can get on Windows can be higher than 720p in the mainstream browsers (as long as the rest of the system is compliant as well).
> If you're using a "common browser" on Linux (Firefox/Chrome)
Right. The user I was replying to was asking about a browser that isn't either of those.
Yeah, and that leads to the DRM'd content in YouTube (like Movies & TV) not working for me in Kagi on Linux. Unless you're saying I've done something wrong and it really is working for you... in which case I may have some tinkering to do to find out what I did to break it :D.
One correction to my message above: apparently Chrome on Windows is still 720p for Netflix, it was Edge that had 4k support. Or you can install the Netflix App on Windows too.
If you are limited to 720p you might as well pirate it even if you do pay for it if you intend to watch it on your computer rather than on a TV.
One correction to my message above: apparently Chrome on Windows is still 720p for Netflix, it was Edge that had 4k support. Or you can install the Netflix App on Windows too.
I agree it's a bit silly, but I think a lot of people don't really care about quality so long as they can watch it. I guess that'd also explain how Netflix gets away with such low bitrates for even the "high quality" versions of content.
I think people most do care about quality and most watch on their TV.
I don't think I've seen Netflix comment on this since a long time ago, but back in 2018 it was:
- 15% PC
- 10% Smartphone
- 5% Tablets
- 70% TVs
In terms of viewing hours https://www.statista.com/chart/13191/netflix-usage-by-device.... So definitely most viewing on TV, but still something like 1/3 of households with TVs don't have a 4k TV at all (as of 2025) in the first place. Hard to definitively say more since Netflix & others don't seem to publish the numbers often.
I'd love to find out I'm wildly wrong though and have a bunch of people willing to push Netflix to have higher quality content... but so many people don't even seem to pay for the premium plan with 4k (anecdotally, Netflix doesn't seem to publish numbers on that) that I'm not holding my breath as I sit here with UHD Blu-Ray quality instead :D. It seems like most people just want something quick to turn on in the background than something to really sit down and bask in every detail of.
> The sticking point like always will be media playback (read: DRM/widevine).
Probably true in general. But for me, that's not a sticking point at all. I don't care if a browser supports media playback or not.
What I do care about is the ability to enable/disable embedded code execution (JS, at the very least) at a fairly granular level. Does Orion allow for that?
It's a major sticking point for most people though and a very large blocker for wider Linux desktop adoption.
We like Linux adoption around these parts. But don't we like it because linux doesn't let companies mistreat it's users?
If users are unwilling to opt out of that abuse then I think its OK that their migration to Linux remains mildly inconvenient.
DRM sucks, but the time to thrash against it is has passed. It's here, it's not going away, and users expect to be able to use their browsers to watch protected content.
> DRM sucks, but the time to thrash against it is has passed.
Speak for yourself. I avoid any DRMed content. If I pay for it, I'm getting unrestricted access to the files. Or I don't pay for it.
Aren't we talking about the fact that it's not here (on Linux), and some people would like it to be?
The time to thrash against DRM will be when you can't get hardware that boots kernels which were not approved by your government. What we're doing now is trying to prevent that time from coming at all.
Having to watch protected media on a different device is a small price to pay.
I like what Firefox does: it allows me to just disallow Widevine entirely, which is what I do. That still allows others who want to use those things to do so. It's the best of both worlds.
Odd thing is, plenty of stuff that you think would break without widevine, works without it. Like... if you didn't need it, why did you ask?
I've never let Firefox play content requiring DRM. I don't thrash against it, just ignore it.
Agreed.
My take is: you're welcome to the party, but don't be surprised if someone shows you the door when you pull out the drugs. It ain't our type of fun.
I understand various reasons why people are pushing for the adoption of open source software, but it will be counterproductive if it brings the problems of the commercial software world with them.
You are, you recognize, a tiny minority?
Did I not make that clear with "Probably true in general."?
Among users generally, or among kernel developers? Because that's the audience you'd have to convince.
The actual important part is consumer-grade. Because WebKitGTK itself is already commercially incentivized, developed primarily by Igalia (a quite underrated firm regarding their contributions in open source) who are offering consulting services mainly in embedded-related industries.
> "DRM/widevine [...] is the graveyard where Linux browsers go to die"
Maybe it's not widevine L1 but Firefox has the widevine plugin enabled on my Debian 13. I don't remember I had to do anything except downloading Firefox from Mozilla and installing it.
https://support.mozilla.org/en-US/kb/enable-drm
Apparently it's part of Brave too but it's disabled by default
https://support.brave.app/hc/en-us/articles/360023851591-How...
I expect it to be available on Chrome and I don't expect much from Epiphany.
Browser engine diversity doesn't matter. The only important browser diversity is in the browser itself. Multiple browser engines makes it harder for developers of websites due to divergence of the engines and it makes it harder on engine developers since there are less resources going to the same engine.
> commercially incentivized
So corp stuff but with devrel?
I wouldn’t install a close source browser by a ad-incentivised company like Kagi.
How is it ad incentivized?
> The sticking point like always will be media playback (read: DRM/widevine). That is the graveyard where Linux browsers go to die.
On Firefox, you can disable DRM in about:config. Forks such as Librewolf and Tor Browser disable DRM by default.
I don't disagree with you about a new browser being a good thing but ...
> If not, it will be a secondary browser for documentation reading only.
I don't even have sound on my main desktop PC: the one I use the most. The one I do all my "life admin" stuff from (banking, real estate, etc.), all my work emails, all my coding. I think sound works but I haven't bothered to plug in speakers to check (since three years, when I assembled the PC).
That's a bit more than documentation reading.
There are work environments where even just a sound emitted by a PC is frowned upon.
People who aren't into media consumption are not just "reading documentation".
Yeah, that was a bit harsh on my part. I removed that bit, apologies. Had no intention of coming across as crude.
And Ladybird.
I have to disagree with some of your points. No shade at Orin but WebKitGTK is a volunteer project. Having competition won't push WebKitGTK any faster because I am sure they are going as fast as they can. WebKitGTK already have a good list of features to add because they have other commercial browsers to compare themselves to, it's the speed that they can add them due to resource limitations. BTW, Firefox also runs on Linux. Also, nobody is installing a secondary browser for documentation reading only - what's the point of doing this?
Been a Kagi subscriber for a while, and am supportive of a more diverse browser ecosystem. However, I won't be using this browser as long as it is closed source. Honestly, the arguments made by the founder (I believe he's the founder anyway. I may be wrong) in the related feedback thread kind of soured me a little bit on Kagi. The arguments were essentially:
1. It's a lot of work to maintain an open source project accepting community contributions. Absolutely true, but that's not what's being asked for. Providing a tarball under an open source license doesn't add any significant work. 2. No one has asked for the Kagi backends to be open sourced, so why is the browser different? Obviously because I run the browser on my machine. Your backend runs on your machine. 3. We need to protect our IP. Then release it under a copyleft license. Or if you absolutely must, release your proprietary bit under a non-open source license. 4. You don't need the source because we send 0 telemetry, which you can verify using a network proxy. That's hardly the only thing to be worried about with a binary blob. Even if you kept the code completely closed source, by just releasing a tarball with the source under a proprietary license, I can build my own binary from source and eliminate this threat.
> Then release it under a copyleft license. Or if you absolutely must, release your proprietary bit under a non-open source license
An old mentor once said to me that a contract is just the start of a conversation. If you sign a contract, the other party violates it, and your business goes under... you may be able to get some compensation through courts, but also your business is gone. And getting that compensation and proving that the contract was violated and how much you are entitled to costs time and money.
Releasing something at all, even under a restrictive license, means nothing if you have no intention (or capability) of enforcing that license. Look at how often companies take GPL code, modify it, and then never publish their modifications... and then people have to sue to get things resolved.
So "We aren't ready to commit the legal resources to fighting and defending the licenses" makes a LOT of sense. IP protection is not just a matter of signing a piece of paper saying people can't do a thing, you have to actually prevent them from doing the thing.
> 3. We need to protect our IP. Then release it under a copyleft license.
No affiliation with Kagi, but I think you're dreaming if this actually would make a difference.
How many times has GPL'd software successfully been argued in court? Maybe four or five? Considering how many millions of software packages exist and how hard it would be to prove enough to bring a lawsuit/discovery request, I would be extremely surprised if there aren't thousands of GPL violations out in the wild that never go to court. I remember the source code to Spongebob Squarepants Supersponge violated the GPL [1], and that wasn't discovered for decades.
I am mostly ok with FOSS, and I don't love the idea of using a fully proprietary browser either, and I am probably not going to use Orion on Linux, but I don't think it's inherently wrong for them to want to keep any secret sauce close to their chest.
[1] https://news.ycombinator.com/item?id=20129285
It seems weird to run a closed-source browser on an open-source operating system when so many open alternatives exist—I certainly wouldn’t do it, and I’m a Kagi customer.
Does Kagi plan to open-source Orion on Linux?
I hope freediver will shed some light on the open source plans, because that's a deal breaker for me too. I'm a long time paying customer and huge proponent (even evangelist) of Kagi, but a closed source browser is just too many steps backwards for me no matter who makes it.
I get (though wouldn't necessarily agree with) keeping it closed while it's still in the works, but would like to know if the plan is to open source in the future or not.
Wish granted!
Thank you! I'm obviously just one person, but I deeply appreciate your willingness to engage on HN, and your transparency and honesty about things (not just today, but also in the past). Makes me feel even better about being a paid Kagi subscriber.
Kagi founder here. Orion isn't open source yet primarily because we're a 5-person team that spent 6+ years building this and created significant IP doing so, and we're not in a position to defend our work against a well-funded company using it as a base (we care very much about the business model of the browser surviving). Restrictive licenses help in theory but enforcing them against a company with a larger legal budget doesn't.
We also see limited upside from community contributions - the number of people who can meaningfully work on a WebKit browser is small (from our experience hiring), and most of them already work at Apple or Kagi. Meanwhile, managing an open source codebase of this size would add real strain to our small team.
The plan is however to open source when Orion is self-sufficient (business model of Orion is you are the customer and can pay for it - like we used to pay for browsers 20 years ago before advertisers started paying for our browsing), meaning it can sustain its own development independent of Kagi Search. I want to take the opportunity to thank all people who supported the Orion browser vision [1]. We're not there yet but recent 1.0 launch and expanding to Linux are steps in that direction. And on Jan 1st this year we began development of Orion for Windows (HN exclusive yay!).
I understand this is unsatisfying to people who want source access now. It's a tradeoff we've made deliberately, not something we're hiding behind.
[1] https://kagi.com/stats?sub_stats=orion
I'm a kagi user, and as many have said, I will not use Orion until it is open sourced.
I understand your position, but a web browser is so important a software that it must be open.
I also think that you can still sell it even if it is open source.
Also, you might be able to secure funding from governments that want to move away from closed source solutions.
Anyway, still congratulation for v 1.0, and I hope it will go well.
> The plan is however to open source when Orion is self-sufficient (business model of Orion is you are the customer and can pay for it - like we used to pay for browsers 20 years ago before advertisers started paying for our browsing), meaning it can sustain its own development independent of Kagi Search.
Orion will never reach "self-sufficiency" as long as you don't actually charge for Orion. Orion is completely free to use. I can donate to Orion+, but Orion+ offers no paid features; it's basically a Patreon. https://help.kagi.com/orion/orion-plus/orion-plus.html
(No major browser has ever sustained its own development independent of a search engine's funding, not even Netscape, which charged $40/seat in the 1990s, with a free "shareware" tier so generous that hardly anyone paid. Netscape was funded by advertising, especially from Yahoo search. Funding browser development entirely on donations to a commercial business would be completely unprecedented.)
What if, instead, you made Orion "source available" to paying customers, but not open source? You could merge PRs only from users who sign a CLA. (Users would file PRs out of charity, for the same reason they sign up for Orion+ today.)
> managing an open source codebase of this size would add real strain to our small team
Can you please elaborate what do you mean when you say this? This is something I do not understand. How licensing terms affect your codebase management beyond setting things up so the code is available to users?
Publishing something under a FLOSS license doesn’t mean anything except that you grant end-users certain rights (the four essential freedoms). The rest (like accepting patches or supporting external developers) is customary but by no means obligatory. You don’t have a capacity for it - don’t do it, easy. There are thousands of developers who do that - they just dump whatever they have under a nice license and that’s it.
Unless you’re saying your legal department doesn’t have capacity to handle licensing concerns, especially if you’re using or potentially using non-FLOSS third party components. That I can totally understand, it could be pretty gnarly.
Please don’t be mistaken: Free Software is a purely legal matter of what you allow users to do with your work - not some operating principles or way of organizing processes.
Note: All this said, I can understand that you may not want to grant some freedoms to the end users, particularly the freedom to redistribute copies, because this could affect your plans of selling the licenses. But that’d be a whole different story than codebase management concerns.
> you’re saying your legal department doesn’t have capacity to handle licensing concerns
My read is their legal department isn’t fleshed out enough to defend the work when e.g. a tech giant steals it.
What’s the threat scenario and “defense” here?
As I wrote, If the concern is that they cannot figure out a way to distribute it as paid software as others may redistribute it for free, that’d be a valid point of concern (and there are plenty of options). But that’s not what they’re saying.
> What’s the threat scenario and “defense” here
Someone steals their work. Violates the license. To defend their rights Kagi has to sue or lay down. Not giving away the keys to the kingdom until that ability to defend is established just underlines that they're doing valuable work.
Pardon my skepticism but I don’t believe that’s a realistic threat model. Yea, purely hypothetically that could happen. But realistically, why would someone do that - what’s the point? Especially so it’s severe enough to warrant a serious legal battle that takes more than a few sternly worded DMCA-like emails to hosting providers?
Mind you, if we’re talking about hypotheticals, someone can ship a differently branded or malware-ridden (or idk what else, my imagination runs dry pretty fast here) version of their binary distribution without any source code access just fine, violating licensing all the same. Patching unprotected binaries is pretty easy, frequently much less demanding than building from source. And with all due respect to the good work they’re doing, I highly doubt Orion team needs to buy a Denuvo license, haha.
(And, as I said, it’s not even remotely what they wrote.)
Are you looking for people who worked on WebKit in the past?
I really hope you refactored WebKit's Bridge, because it allowed a lot of exploits in the past, and was neglected upstream by Apple.
When I started my RetroKit fork I was aiming to reduce that attack surface while offering farbled apis based on other browser behaviors and their profiles. [1]
My fork has been neglected a bit due to lack of time, as I'm currently still busy with other APT related things before I can get back to it.
Would love to chat whether your plan is to open source your WebKit fork, maybe there's some overlap and we can work together on it?
(I currently hope that ladybird will be getting into a more forkable and modular state, because servo passed by that goal a long time ago).
[1] https://github.com/cookiengineer/retrokit
Thanks for responding. Orion on iOS with extensions has been outstanding.. looking forward to linux version.
Which extensions do you use? I was never able to get them to work. d reddit redirect, for example, never once redirected a reddit link to old reddit.
I've found a few that work but many can be buggy or non-functional, just depends on the extension. The only one I use currently is called "Control Panel for Twitter", which seems to work pretty well.
The big one being ublock origin
Doesn't actually work: https://news.ycombinator.com/item?id=46555554
My experience is that one doesn't actually work, though the built-in ad-blocking does work quite well.
Having access to the source is just one part of open source.
The state of webkitgtk is a bit rough, as I’m sure you and your engineers have noticed. The other part of what open source means to people is that you contribute back to the open source code you used to build your business, lifting all boats in the process.
What people certainly do not want to see is Kagi pull an Apple: utilize FOSS to the extent it helps you but return nothing but “thanks everyone but we got ours”.
earlier in the thread I read nhe plan was to release the source "when it has merit" But that instantly left me with the feeling that the authors of the browser, and I have very different opinions on what the word merit means. Such that they would be incompatible, and I'd never want to use it. This is a decision that has lowered my opinion about exactly how much I can trust Kagi.
> Kagi founder here. Orion isn't open source yet primarily because we're a 5-person team that spent 6+ years building this and created significant IP doing so,
But it's possible I haven't considered some detail where I might agree it's reasonable. Can you describe or offer any insight into the "significant IP" that you need to protect and defend? What threats from a larger company are you primarily concerned about?
Thanks for being so transparent about this. As a Kagi search user since the beta, I appreciate what you are doing. Good luck!
The GPL has pretty good legal precedent, and so does the MPL in the browser space (though, Firefox has mozilla behind it so it gets the enforcement benefit). If the SFC wins its vizio case, would you look into freeing orion?
Thank you for building orion. Thanks for the explanation and it all seems perfectly reasonable to me and your choices are solid.
we used to pay for browsers 20 years ago
I've been online for about 30 years, I have never heard of paying for a browser.
As an example, Opera was payware for the first ten years of its existence. I remember trying out a demo of it included on a CD decades ago!
I can live with that compromise for now. Thanks for the lengthy response!
When you do release it, do you know yet if you plan on releasing the full change history? Or would you start with a snapshot at the ~release date?
Enjoying Orion with uBlock on the iPhone, thanks for making it work!
uBO is not technically working on Orion for iOS. We do not have permissions to run certain web extension APIs on iOS needed for uBO feature set. The adblocking you witness is thanks to built in native adblocker in Orion.
We support Kagi across products. We believe alternate browser engines keep the web standard. We give more weight to that than to whether a particular browser's value add (on top of a double digit* but non-hegemonic engine) is open.
We believe software and hardware creators have a right to choose their business model and let that model compete, as Kagi's is competing right here in this thread.
* Having worked at mega banks etc., they do look at these numbers to decide whether to invest in standards support or slap on a "Requires IE" button.
I am generally ok with things being proprietary if they want, and I'm mostly ok with Orion being proprietary, but I do understand peoples' issues here.
For a lot of people (even relatively geeky people), their computers end up being "an interface to use a browser". People use their browser to file their taxes, to write their documents, to manage their websites, to create websites, to look at porn, to pirate movies, to chat with their friends, to send/receive money to their bank, and a whole bunch of other things.
It would be hard to imagine a piece of software that is capable of knowing me more intimately than my primary web browser, and as Google has proven, this intimate knowledge is valuable. Companies pay boatloads of money for large quantities of personal information to target ads (and probably a bunch of other more disturbing things).
I genuinely don't think freediver is lying; I believe him when he says there's no telemetry data being sent and that it's not tracking me, but there's the sticking word: "believe". I have to trust him, which wouldn't necessarily be the case if it were FOSS.
Now, granted, I could always run Wireshark or something to ensure that there's no telemetry data being sent regularly, but that only protects you so much; for all I know, they could be taking steps to actively make it look like they're not sending data, or they could be batching up N days of data and sending it in batches so it is not as obvious that telemetry is sent.
Again, I genuinely don't think they're doing that, I believe them, but I do see peoples' points.
What is the UI SDK used for Windows version?
I would ignore the haters, keeping Orion proprietary makes the most sense for being able to successfully charge for it as a commercial product. You can't sell an OSS product, only supporting services, as many many startups have realized and been forced to relicense to much anger within their respective communities.
And when the market is going to be primarily technical people I don't think you can trust them/us with source-available either as hackers with a strong aversion to paying for software thinking themselves clever will make and distribute bootleg builds with the license checks removed. Then you'll have to spend your time finding and DMCAing them which will only make people mad. Best to avoid it entirely.
I appreciate you/Kagi actually thinking about building a sustainable business in contrast to companies that open source their core competency and then fail to make money later.
Source: happy paying customer and user of Orion.
Especially because WebKit’s lineage goes all the way back to KHTML. It’s nice to see KHTML come home to Linux but it does need to be open source.
Come home? It never left it. Konqueror, the software where it all started, still is a core KDE app. WebKitGTK, arguably the most portable WebKit distribution and what Orion itself uses, has always been Linux-first.
I can’t speak to whatever konqueror uses these days but webkitgtk is notoriously behind and difficult to work with. You can read posts from the Tauri devs questioning their entire approach on Linux due to it.
I really hope Kagi contributes back upstream to improve the situation, it’s needed.
Edit: looks like konqueror uses qt web engine which is chromium. The irony of the KDE browser abandoning WebKit while the GNOME browser still tries to use it is too much.
It seems weird to worry more about that than about the Chromium hegemony to where Chromium is becoming the only way to move money online.
What do you mean by "move money?" Do banks not support Firefox or Safari?
Why does it seem weird? I run a lot of proprietary software on linux. Actually made a career of it. I also run a lot of open source whenever I can, but I'm pragmatic about the whole affair. I think most users are like that.
Just curious, but is this really a big deal? As a customer, you already trust Kagi enough to feed them your entire search history, so I guess you don't think they're bad actors. Thus, why you find problematic the (momentary?) "unopeness" of the browser? I'd gladly try it (I'm on Arch), even just out of curiosity (unlikely to make it my main, though).
Jeez, downvoted for asking about context? People, calm down.
Requiring it to be open source is not just about trusting the publisher. There are a bunch of other possible reasons, including wanting to support open source as a counterbalance to proprietary software.
For me, it's a big deal (although not a dealbreaker) for that reason. If I have the option of two different pieces of software, one being open source and the other proprietary, I'll choose the open source one every time unless there's something really exceptional about the proprietary one. But that's very rare.
I was just trying to think of any proprietary software I use outside of work (where I don't have a choice) or games. There must be at least one, but I can't think of what it is.
Understood. Obviously, all things being equal, I prefer (F)OSS too. Anyway, I'll probably play a bit with Orion, if possible.
Side thought: nobody's ever asked us to open source Kagi Search. Curious why the expectation differs.
Because Kagi Search is a service I subscribe to. A browser is a program I install. That difference means everything.
But since I have your attention, I just want to add that I'm a huge fan of Kagi Search and it's well worth the money I spend for it. I love the work you guys are doing, and that love is the reason why I'm even thinking about using Orion. But they are two entirely different use cases.
I am pretty sure the expectation would be different if Kagi search could be self hosted. Linux people have come to expect open source for code they run on their own machines. Historically closed source Linux software has run into a lot of problems with dependency version mismatches as libraries get updated through the distributions package manager.
I'm not the one running Kagi on my computer, and the expectations of software ran over a network are and should be different from software I run on my computer
About half a year ago, I ran into an instance of a user who requested more openness[0] regarding the sources Kagi used - initially there was a list that was available, and then it was removed. I know it's not exactly the same, and it's been a long time since that request was made, but if you happen to read this, I second their request.
Personally, I think it would be incredible if you open sourced your search engine. But like someone else said more eloquently, software runs on our computers. And to me, open-source software is table stakes when there are viable alternatives.
https://kagifeedback.org/d/252-show-source-of-results/49
Please do that too!
There aren’t great open-source search engines, so I’m moving from one proprietary option to the next. But there are great, open-source browsers already, and I refuse to go backwards.
If a good, open-source search engine were available, I would leave Kagi for it.
Yup, I was about to comment on that as well, but didn't want my question to be interpreted as polemic.
Code you run on your machine outside of a browser sandbox vs content served by an HTTP endpoint to your machine.
Kagi Search runs on your computers, Orion runs on ours.
> As a customer, you already trust Kagi enough to feed them your entire search history, so I guess you don't think they're bad actors.
Do I? I'm not going to post sensitive information into a search engine no matter who runs it.
My search history ain't worth much. What the contents of e.g. my bank website are is.
There’s still trusting Kagi that what’s in the binary was built from the open source code right?
I can build it myself and skip that step. Or, if the build process is reproducible, you can make trust less of an issue by having a small handful of independent people run their own builds and post their signatures. That way you need those people to all collude with Kagi to forge a bad build. This is how e.g. bitcoind binaries are handled.
With reproducible builds, and the way most people get packages, from their package manager: No.
Fine. Thank you for the clarification.
> you already trust Kagi enough to feed them your entire search history
Not necessarily, Kagi provides a feature[1] that anonymizes all your searches. I set it up and haven't thought about it since.
1. https://help.kagi.com/kagi/privacy/privacy-pass.html
They give you a key and only if you have a higher tier account. The act of doing that requires that there is a step in the process where they know you’re requesting a key and who you are. They could bind them in the backend if they wanted, before giving it to you.
You’re still trusting them. Not to mention they could round them all up by IP or browser fingerprinting.
There is still some level of trust.
I happen to trust them enough for that; but it is still trust.
I am not an expert in the underlying cryptography, but the claim is indeed that the cryptographic approach makes it impossible for them to link the key to the queries in the backend.
Sure! But there is a stage where they generate those keys for you and give them to you. You need to be logged in to get that page. That is trust there.
No, issuer-client unlinkability is a feature of the design. The token is finalized by the client using private inputs so Kagi never actually sees the redeemable token (until it's redeemed).
https://blog.kagi.com/kagi-privacy-pass#token-generation:~:t....
https://www.rfc-editor.org/rfc/rfc9576.html
Using the example doc you’re citing from kagi.com - though not the RFC, I don’t have the time to dive into that one at the second, I see that a session token plus some other stuff is passed in and a token comes out.
Where does it show that on the Kagi backend they couldn’t, theoretically, save the session key before performing the token response?
Sure, they probably do. Doesn't matter because neither the session key nor the token response can be linked to the tokens.
If you're not going to make an effort to understand how it works, don't make assertions about how it works. Ask your favorite LLM about the RFC if you have any further questions.
> Just curious, but is this really a big deal?
Yes, it's a big deal. I've lived in the non-free software world before and struggled to get out. I'm not going back.
Because free (as in the FSF definition) software should be a human right. We deserve to know how our tools work and be able to improve them and use them as we please. Free (as in freedom) software doesn't need to be monetarily free either. Make it so the purchase of orion comes with the binaries and a copy of the source code, or provide it on request. This has proved to be sustainable before, arguably the defacto standard for pixel art is (or was before a license change made it so you can't redistribute the source code) free software, despite costing money
Google started as a company that seemed worthy of trust. The founders had ideals and followed them. Look what happened. Companies can turn evil surprisingly quickly. I'm also a Kagi customer, but I wouldn’t use a closed-source browser either.
I also would like to try it, but won't touch it until it is open source.
In my opinion open sourcing something is a privilege, not a duty.
Feels weird in what way?
Even if it was open-source, I already have more than enough webkits on my Linux, I don't need another one.
Aren't most browsers Blinks? (Yes, I know that Blink was forked from WebKit and WebKit was forked from KHTML.)
Yeah. The only webkit browser on linux aside from orion is GNOMEs browser (which frankly kinda sucks, which is why I want orion open-sourced so that GNOME can take its work on webextentions when they become supported)
Wild that I can't use Kagi in Safari on iOS, where my search options are still locked down to three~four Apple-approved choices, of which at least one is just a multi-billion-dollar paid product placement.
(Yes, I know about the extension that hijacks your searches to redirect them to Kagi, but how is that an acceptable state of affairs?)
Since search engines are queried with a URL with a parameter for the search term, browsers could simply allow "power users" to enter a custom URL. Voilà — support for every imaginable search engine and they can still make their billion dollar deals for providing default search engines. That's how Firefox does it.
I think thats how everyone but Apple does it.
I just tested Brave. It's possible to set anything as the default search engine, but the UI hides it really well. They sure don't want you to find out. You have to add it as a site search first (which is a different section), then you can make that "default", which moves it up to the search engines and makes it the default search engine.
And sure enough, Safari on macOS seems to not allow it at all (needs extensions).
I was completely surprised as soon as I read your post that you couldn't add search engines on safari, and then I was completely unsurprised a moment later.
This upsets me as well. I’ve sent Apple feedback[0] about it, I suggest others do the same.
I wanted to use Safari at work, but this proved too big of a barrier. I can’t use the App Store at work, so no extensions. I was more willing to give up Safari than Kagi.
[0] https://www.apple.com/feedback/safari/
Just submitted feedback as well. This is honestly what’s holding me back from buying a Kagi subscription at this point. Here is what I submitted:
I’m requesting that iOS Safari allow users to set any search engine as their default, rather than limiting choices to a pre-approved list. Currently, Safari only offers Google, Bing, Yahoo, DuckDuckGo, and Ecosia, preventing users from choosing legitimate alternatives like Kagi.
While workarounds exist, they’re cumbersome and don’t provide a seamless experience. Please consider allowing users to add custom search engines as default options, similar to macOS Safari. This would enhance user choice without compromising security.
Thank you for considering this feedback.
> This is honestly what’s holding me back from buying a Kagi subscription at this point.
The extension is working really well for me. You could always try it out with the free version to see if it works for you as well.
Don't let this hold you back. Use a mobile browser that lets you use Kagi; it's worth it.
Or even better, a computer that does things when told.
Arm macs are very hard to walk away from.
My dream is some of boot-to-Ubuntu setup, or even running it simultaneously.
If you can tell me what phone can give me access to all the standard apps I would need, has good build quality, doesn’t funnel my data to Google, is backed by an entity capable of providing multi-year device support, has cloud storage integration that lets me keep my data securely offloaded from the phone’s storage, can handle modern apps and websites as far as performance, has a very good camera, and has the equivalent of AppleCare such that if/when I shatter my screen I can replace it for $30, I am all ears.
I have a Pixel 8 running GrapheneOS and it does most of the above: - slightly lesser build quality than my iPhone 15 Pro but comparable - doesn't funnel data to Google unless you explicitly let it, you can circumvent a lot of the Google Play stuff by restricting permissions and using Aurora Store - is backed by, well, Google and the Graphene team porting over security updated. They have a fairly good track record by now. - can use any of the N backup services that already exist unlike the iPhone's silly restriction on background apps - don't notice performance differences between it and my iPhone 15 Pro in day to day use. If anything, biometrics are way faster on the Pixel since iOS 26 made FaceID slow as molasses for me - the default camera is pretty good (uses all the Pixel fancy processing hardware) but if it's not good enough you can just install the stock Google camera which works fine. You can turn off network access if you don't want it snooping. Photos are neck and neck with the iPhone but the iPhone is way better at videos, no Android phone has cracked that yet IMO. - Yeah, but no other brand can give you an AppleCare experience. Best option is phone insurance and just getting a new Pixel if that happens. Graphene can do full device backups via Seedvault and it's not that much more of a pain to restore compared to an iPhone backup. Granted, it's jankier but it's not impossible. The other issue is that Pixels are not a thing in a lot of countries, Apple really has the edge here but I'd take that risk over the UX shenanigans they pull nowadays with their latest updates (god is it awful)
Oh that is quite interesting. How difficult was it to get Graphene on it? How difficult would it be for a non-technical person to do it and use it?
I haven't found one. I don't carry a phone unless I have a specific reason (ie: gps). I use my desktop or tablet (Daylight Computer) with a voip service (jmp.chat) when I need to use a phone number, and I carry a Sony ZV-1 in my pocket for my camera.
The problem is that I like how Safari works better than any other mobile browser I have used. Wish I didn’t.
When was the last time you tried Orion on iOS? It's gotten noticeably better, and works as well as Safari for me these days.
I tried it recently when the macOS version went to 1.0. Dealing with tabs felt more cumbersome than Safari and I ended up switching back. Safari is better at getting out of my why, which is probably why I always go back to it. This has been a pattern for a couple decades now.
> This is honestly what’s holding me back from buying a Kagi subscription at this point.
I am pretty that is exactly the point for Apple.
IIRC all are product placement/ads. Listing requires paying Apple.
Wild that my Huawei phone running Harmony OS allows to you customize the search engines in the default browser and iOS does not.
My pixel phone running stock android lets me change the search engine in Chrome[0] as well. It's kind of crazy that Apple still locks this down.
[0] Not on the home screen, but I'll take what I can get.
Move to Japan?
I've been a Kagi user for months now and was really looking forward to testing this. However, I cannot find the download link. The page does not really contain any information on an actual release.
EDIT: I found this in the docs:
> The alpha version of Orion for Linux is currently only available to [Orion+ supporters](../orion-plus/orion-plus.md) and can be downloaded from the [Billing Dashboard](https://kagi.com/settings/billing) under the Orion browser section.
So I still can't test this. Only for Orion+ supporters.
Yeah I don’t see it on https://orionbrowser.com anywhere. It’s probably a private alpha.
Found it
https://cdn.kagi.com/flatpaks/oriongtk.alpha.external.flatpa...
I gave it a try. it's super rough around the edges. I noticed a much higher cpu usage compared to firefox. nevertheless, it's super promising.
Previously, my comments on Kagi were about one thing: counting queries felt like a chore, so I stayed away. I did give it a try mainly for the privacy angle. After that, I switched to Perplexity and was happy for a year, until the familiar VC backed pattern showed up: ads, even for paying users. This year I upgraded to Kagi Ultimate, and honestly, it feels like they’ve found the sweet spot. I hesitated at $25 at first, but the search experience plus the assistant (and the ability to pick the models I want) along with privacy won me over. I’m also familiar with Orion since I use it as the app for kagi experience for AI chat and search. It could use an update for better assistant experience. Keep up the good work, Kagi.
I love Kagi. I understand the niche this fills. I even understand not open sourcing it yet.
But what I really miss is a self-hosted sync server. I don't want to use a browser without sync, but I also don't want to trust this data with any 3rd party other than myself.
It's one of the main reasons I'm using Firefox, since that is the the only browser that even vaguely supports this - albeit not well.
I tried the macos and ios versions of Orion yesterda and it was a great experience.
I've used Brave from the beginning but it has become bloated with web3-related stuff and has outdated UX (imo) on mobile.
Orion desktop is inspired by Safari, Arc in a best way. Ad-blocking and chrome/firefox extensions from the beginning, convenient vertical tabs, mature level of ui customization.
Glad it see on Linux too.
Orion has come an extremely long ways on iOS and macOS. I daily drove it for a couple months maybe a year and a half ago and it had a lot of little rough edges and was slightly broken on a number of websites.
I’ve picked it up again as my daily driver as of the new year and haven’t had a single issue yet. It even blocks ads in YouTube now - only Brave did that previously.
For me - Brave was the best browser product. It’s ad blocking is truly phenomenal and nearly every site “just works”. But I don’t love the ethics of Brave and certainly not its founder. So I am extremely excited to have Orion take over that niche of the browser space that I most care about.
That's why I hope Brave will eventually launch Brave Origin, a buy-once premium build of Brave, despite the previous large backlash against it from Internet users (especially on Reddit). I like the idea of a paid but well-made, no-nonsense, no-bloat, no-ads, etc. browser, and I feel like Brave developers wanted their browser to be like that, but the pursuit of revenue stream led them to sidetracking into crypto, AI, VPNs, ads business, et al, and all the controversies over the years that came from that.
In the meantime I'll give Orion a try as soon as they introduce cross-device sync.
Also I had never heard of Brave Origin before. This is interesting. I suppose it depends on price but I may consider switching to this on Windows and Linux when it’s available.
It has cross device sync via iCloud. I don’t have it enabled tho - so can’t say how well it works
I just switched to Orion on iOS to kick off the new year and it is MUCH better than where it was just a few months ago.
I used it for close to a year and abandoned it because I kept running into issues with tabs getting randomly reloaded and extensions causing trouble.
What would you say has changed over the past few months? I just felt like Kagi wasn't prioritizing Orion development enough, being busy with their main Kagi subscription and all.
Is the 1Password extension still not working on it?
I really want to switch, but no 1P support makes it really hard, unfortunately.
Are you talking about on macOS or iOS? On macOS I think the 1Password extension has always worked for me? At least it definitely does now. What issues did you have with it? On iOS I don’t use the extension - I’ve got 1Password set up as my default password store there.
I hope they upstream their implementation of Web Extensions to WebKit.
I'm not interested in using a proprietary browser, and hope for a release under a free license at some point. But a free WebKit-based browser with Web Extensions could have interesting properties regarding battery life on mobile GNU workstations.
I don’t think WebKit would be particularly interested in this.
If there's one thing they should release as free software it's this. I'd be disappointed if Orion never becomes free software, but it would hurt a little less if GNOMEs epiphany could benefit from the extension support
I think this is great. True native Linux-first power user browsers are nearly an entirely unserved niche. We've had them on macOS in various forms over the years (with OmniWeb being the original), but for a long time the only browsers built to integrate well with Linux desktops were minimal and light on features (like the WebKit version of GNOME Web/Epiphany).
It probably matters less to Linux users who do the minimal tiling WM thing, but as someone more drawn to traditional floating DEs it's always bothered me how alien the browsers one might actually want to use feel running in a GTK or Qt DE. Themes can help reduce the gap, but it never disappears — that last 10-20% always remains as an unavoidable side effect of how the big browsers are built, with it being particularly pronounced with Firefox and derivatives.
Of course a GTK based browser like Orion isn't going to feel the best under a Qt desktop like KDE, but GTK themed to match Plasma is a good deal closer than the bespoke UI found in e.g. Firefox or Chrome.
Firefox fills this niche fine, and it's actually Open Source to boot. The community doesn't really have a need for a "Linux-first" browser that treats Linux like a second-class, alpha-quality citizen.
I can't agree. Firefox is great, but I think its UI drags it down in various ways. It being built the way it is was a boon back when extensions were capable of radically changing the browser's UI, but now it simply puts a (unfortunately low) hard cap on how excellent its UI can be.
Funny enough, Epiphany used to be a more power user oriented browser, and it used to be powered by none other than Gecko. Unfortunately, Mozilla killed embedding in Gecko and that (along with related projects like Camino and K-Meleon) came to a screeching halt and Gecko became hard coupled with Mozilla's UI decisions.
Love to see it. I've been a paying Kagi member for three years (!), and for now I trust them more than Google, but I echo the other users' concerns that to switch to this long term I'd want it to be open source.
I first used Orion a couple years back and it was already pretty good back then. Super cool to see it coming to Linux!
I must +1 that no matter the platform (this criticism is not limited to Linux), the open source option is almost always my choice, especially for something as important as a browser. This is a big reason I don’t use Orion today, even though I have big issues with the other available browsers.
In case anyone is like me and has never heard of Orion, apparently it's a browser
Orion is the only modern piece of software that has ever made my mac less stable as a system.
I don't know what they do, but it caused weird graphics glitches and kernel panics simply from running in the background.
If I'm a linux user who uses firefox currently, what's the value prop for this browser? I already get privacy and extensions, is it just for testing my app on webkit?
The main benefit is that Orion (contrary to Firefox) has a business model. The downside is that it's not open source. They have some explanation on why, but it might be a deal breaker for someone.
Firefox has a business model, it is mostly "google search referrals"
You can already test a site on a webkit engine in Linux using Gnome Web (previously Epihany) or LuaKit ( https://luakit.github.io/ ). But it is always good to have options, even if commercial ones. From that aspect Orion on Linux is good news.
As I understand it, Orion was originally developed because Apple doesn't allow you to select Kagi as a search provider for Safari.
A poorly made page. I don't know what an Orion is. I didn't learn it after skinning through the page. Now I don't even care.
That's because it's a docs page. Product page here https://orionbrowser.com
Is the Kagi Orion browser going for the "we hate loading and looking at ads, and maybe this is better than Chrome with uBlock Origin Lite" demographic?
(They don't seem to be going for the "serious, clueful privacy and Internet freedom" demographic, or they wouldn't be using Discord.)
There is some strange irony in this. Apple initially used the khtml code-base to build Safari but it quickly became impossible to back-port the changes from the Safari branch of khtml back into Konqueror. Now, 20 years later, someone has made an open source version of Safari.
Who?
Maybe not Kagi, but GNOME Web (Epiphany) technically qualifies: https://gitlab.gnome.org/GNOME/epiphany
I'd like Psylo [1] to be available on other platforms like Linux and MacOS. Psylo puts each tab behind a VPN and give them their own cookie storage space. It feels like a dramatically more private tool than Orion.
I tried Orion in Dec 2025 and it crashed more frequently than I could handle. It and/or VPNs I was using worked poorly with websites that I want to keep a page open on for days at a time.
[1] https://mysk.blog/2025/06/17/introducing-psylo/
I use Zen and recommend people give it a shot. It's really good.
Congratulations on your release! Looks great. Runs great so far. I was able to log into HN just fine on Fedora.
What are your thoughts on upgrading gnome 48 to 49 as a dependency?
It's a shame this isn't open source, since Linux users are disproportionately likely to scratch their own itches.
Regardless, great to see this come to Linux.
I love what the kagi team is doing, and being some of the first innovators maybe since the ladybird(?) browser, even if it's using the same base of webkit, not being a fork of chrome or firefox. I wish they'd bring it to android, but it doesn't look like they're interested.
Kagi is a pretty small team and they’ve got a LOT on their plate. Orion started on macOS and was in development for 6 years before finally hitting their 1.0 release in November. Give it time - I’m sure they’d love to support just about every major OS and platform.
It seems like their stance is more a matter of development resources rather than a deliberate decision.
https://orionfeedback.org/d/2321-orion-for-windows-android-l...
It is interesting that they don't mention future Android support anywhere on the website, but it does seem like they are (or at least were) open to the idea someday.
Oh just in time. Trying to switch from macOS to Linux soon.
Nice. But I stopped using Orion on macOS when they stopped offering complete offline installers. They taut they are a zero-telemetry browser, as proof that they are privacy conscious about user data, and that was a good feature and overture. But then when they create technical avenues to (possibly) bypass that (like using online installers that can do all kind of data collection) it becomes harder to trust them as it follows the tried-and-tested path of other companies that have claimed to care about user privacy, to increase their user-base, and then betrayed their customer base by harvesting their personal data.
I really like Kagi because of all the features and just generally letting me be a user instead of a product, but they have some weird kludges sometimes.
The weirdest choice at the moment is by default Kagi sends a referrer when you visit a search result. There's currently ~65.000 Kagi subscribers worldwide, so just that lone data point completely destroys any anti-fingerprinting you're doing. And probably these subscribers are divided among time regions, so not all are active at the same time.
Even if you are on a VPN and visit site #1, then site #2, you are already cross-site trackable because it is very unlikely you are on the same VPN vendor (and endpoint) as the other subscribers. If you add in more data points like browser, OS, screen size and the like it becomes even more grim.
They have the referrer enabled because it helps make admins aware I guess.
You can turn it off (Settings > Privacy > Hide Kagi referrer), but defaults matter.
Thanks - I also turned it off. I guess it's a marketing thing for them, but it feels like it goes against the ethos of the company. Particularly given the fact they are clearly aware of this as they put it in the 'Privacy' section.
Woah didn't realize this was the default, turning this off, thanks!
> online installers that can do all kind of data collection
"Can" is doing a lot of work here. A browser's whole purpose is to be online, after all. If they were trying to collect information about you, they really don't need the installer to be the thing that does it. It would be an impressive reversal of their whole premise as a business if their browser's installer was the piece that was violating your privacy and not, you know, their whole service (that you have to be signed in to).
> If they were trying to collect information about you, they really don't need the installer to be the thing that does it.
They do, if they are being duplicitous about their intent to not harvest user data.
If their browser was a data harvester from the get go, no one who is aware, and worried, about surveillance capitalism would have bothered to use it. And note that they had no problem in offering offline installers in the beginning. Now, once their base has grown, if they have a malicious intent (now or in the future), they can use the online installers to gather our personal data surreptitiously - for example, by profiling our hardware and (if you already had Orion installed) our settings, our bookmarks, our browser history etc. and use that commercially. It also allows them to install unwanted software on our computer in the future (I don't know if you are old enough to know - look up the browser toolbars era).
If their intent to respect a user's privacy is honest, offering an offline installer shouldn't be a big deal. (As far as I am aware, apart from Apple Safari, they are now the only browser that don't offer an offline installer).
> A browser's whole purpose is to be online, after all.
Not its whole purpose. I use browsers offline fairly often.
Offline installers (for any piece of software) are important to me because they allow me to keep a backup of the installer and won't restrict me when I don't have internet access. Keeping a backup is important because it lets me install older versions of the software when needed.
I respect your choice, but browsers are the one piece of software that you never, ever want to run an outdated version of. Websites really just don't stop working for new versions of browsers; browser/standards compatibility essentially only improves with time. The only thing you're getting with an old version is all of the security issues.
It depends on your use case. As I said, I often use browsers offline. Offline use makes security issues much less problematic.
Shame it's GTK but oh well, still a welcome sight.
Download link https://cdn.kagi.com/flatpaks/oriongtk.alpha.external.flatpa...
Orion is their browser built with Webkit.
It's rough, but I like it. Definitely an alpha, but wonderful to see them thrive.
Curious why they would use webkit, I checked their FAQ, but couldn't find any answer.
I’m in favor of browsers going with anything that isn’t Chromium, to slow Google’s complete ownership of the browser.
It was a good choice for macOS and also works on other platforms.
Guessing: it's not Blink, but it's easier to work with than Firefox's engine. I know people fork FF, but I vaguely recall hearing the engine itself was harder to separate and integrate into other systems. I'm sure someone closer to the issues can correct me.
It also runs on iOS/iPadOS and Webkit is the only allowed engine on these platforms (outside Japan).
You have to use the system Webkit though, right? So even though Orion is based on Webkit they are still constrained compared to other platforms, where they can patch the engine if necessary.
That limitation is only on iOs, though.
The same restrictions apply to iPadOS.
Battery life and performance on MacOS
chromium is the devil and I understand them not using it, and when Orion started development firefoxes engine wasn't really re-usable iirc. Plus it started life on MacOS
Whats special about Orion? Why would I use it instead of FF or even Chromium?
I think Kagi at this stage have a better reputation than Mozilla, and Chromium is not seen as sufficiently independent from Chrome, and hence from Google’s anti-user decisions.
That said, closed source is still a deal breaker for a browser for me, or I’d probably already be using Vivaldi.
The built in ad blocker is phenomenal. Only Brave is as good on this front. It supports extensions from both FF and Chromium. It has a really neat integration with Kagi private search in private tabs. Kagi as a company has generally pretty good ethics and respects their users. That’s enough to make it compelling for me.
> It has a really neat integration with Kagi private search in private tabs
What's the integration you're referring to here? This was something I was interested in, but as far as I can tell if I enable Kagi Privacy Pass it's enabled browser-wide, not just in private tabs.
Ah - I just did not realize that privacy pass was available as extension to other browsers but of course that makes sense. It’s built in to Orion. You still have to enable it when you switch to private tabs. It’d be nice if it was automatic!
FF and Chromium are controlled by the biggest advertising company on the internet, while Orion is developed by a privacy focused search engine.
But isn't it basically also just a rebranded Chromium clone, thus still heavily depended on G?
Orion is using WebKit. Chromium itself was a fork of WebKit. I don't know how much Chromium code gets upstreamed to WebKit any more, but Google certainly doesn't control it the way they do Chromium.
WebKit development is mainly driven by Apple, which isn't great from the perspective of having a browser free of corporate influence, but I trust them more than Google.
No, it is not.
It uses webkit, which is what Blink was forked from but likely has more in common with Safari at this point.
It's a webkit browser.
Don't worry about it, you're not even invited to use Orion.
lol
Nothing, really, other than it being closed-source, based around Webkit and to be sold/distributed under the Kagi moniker. If that combination scratches your itch this is for you, otherwise there are many alternatives.
There is no legitimate reason for a web browser not to be open source.
I am not touching this with a 15m stick.
Just use Yandex browser and skip the middleman
I like Kagi and pay for it. I've been impatiently waiting for Orion to come to Linux. But I won't run closed source.
This is a huge disappointment.
Has Orion gotten significantly more stable in the last year? The last time I tried it, on iOS, it crashed a lot.
I use it as my main browser on Mac and iOS since some time. It's stable enough, but there are _some_ sites that will not work. They are very few, but it happens. When it happens at the end of a long process (maybe registering) it's particularly painful, but in general it works just fine.
That was my experience like a year and a half ago too. I switched back with the new year (and also realizing it finally went 1.0 around Thanksgiving). It’s only been a few days but it’s been totally stable so far!
No source code? That's pretty disappointing, and makes it DOA for most Linux users.
Most Linux users couldn't care less whether or not their software is open source. They are drawn to Linux for practical benefits, not ideological ones.
Most Linux users don't care, full-stop. It's the distro maintainers that decide which browser is default, and a proprietary browser has no shot at replacing Firefox in this regard.
kudos for not doing yet another chrome clone.
A closed source wrapper around a web view? I have to advise that no one install, never mind use, this closed source, proprietary blob. Especially not for anything confidential like banking, health, etc.
Hmm. So from Mac to Linux?
Homebrew also initially had mac only support, later Linux. But it always felt as if Linux was a second-class citizen. Is that also the case for Orion?
Lowkey I wish Perplexity would do this for Comet, idk why but I use the heck out of their browser on my Mac. I dont always use the "browser agent" stuff (lol!), and I dont use it for EVERYTHING, but you spend so much time looking things up, and sometimes its nice to just be able to highlight text on a page and go "yo ELI5 this for me pls I feel dumb" and it just does it.