Rendered at 10:48:10 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
brucehoult 10 hours ago [-]
Out of interest I tried running my Primes benchmark [1] on both the x86_64 and x86 Alpine and the riscv64 Buildroot, both in Chrome on M1 Mac Mini. Both are 2nd run so that all needed code is already cached locally.
x86_64:
localhost:~# time gcc -O primes.c -o primes
real 0m 3.18s
user 0m 1.30s
sys 0m 1.47s
localhost:~# time ./primes
Starting run
3713160 primes found in 456995 ms
245 bytes of code in countPrimes()
real 7m 37.97s
user 7m 36.98s
sys 0m 0.00s
localhost:~# uname -a
Linux localhost 6.19.3 #17 PREEMPT_DYNAMIC Mon Mar 9 17:12:35 CET 2026 x86_64 Linux
x86 (i.e. 32 bit):
localhost:~# time gcc -O primes.c -o primes
real 0m 2.08s
user 0m 1.43s
sys 0m 0.64s
localhost:~# time ./primes
Starting run
3713160 primes found in 348424 ms
301 bytes of code in countPrimes()
real 5m 48.46s
user 5m 37.55s
sys 0m 10.86s
localhost:~# uname -a
Linux localhost 4.12.0-rc6-g48ec1f0-dirty #21 Fri Aug 4 21:02:28 CEST 2017 i586 Linux
riscv64:
[root@localhost ~]# time gcc -O primes.c -o primes
real 0m 2.08s
user 0m 1.13s
sys 0m 0.93s
[root@localhost ~]# time ./primes
Starting run
3713160 primes found in 180893 ms
216 bytes of code in countPrimes()
real 3m 0.90s
user 3m 0.89s
sys 0m 0.00s
[root@localhost ~]# uname -a
Linux localhost 4.15.0-00049-ga3b1e7a-dirty #11 Thu Nov 8 20:30:26 CET 2018 riscv64 GNU/Linux
Conclusion: as seen also in QEMU (also started by Bellard!), RISC-V is a *lot* easier to emulate than x86. If you're building code specifically to run in emulation, use RISC-V: builds faster, smaller code, runs faster.
Note: quite different gcc versions, with x86_64 being 15.2.0, x86 9.3.0, and riscv64 7.3.0.
Interesting to see the gcc version gap between the targets. The x86_64 image shipping gcc 15.2.0 vs 7.3.0 on riscv64 makes the performance comparison less apples-to-apples than it looks - newer gcc versions have significantly better optimization passes, especially for register allocation.
brucehoult 7 hours ago [-]
The RISC-V one has just never been touched since it was created in 2018.
> newer gcc versions have significantly better optimization passes
So what you're saying is that with a modern compiler RISC-V would win by even more?
TBH I doubt much has changed with register allocation on register-rich RISC ISAs since 2018. On i386, yeah, quite possible.
dmitrygr 10 hours ago [-]
MIPS (the arch of which RISCV is mostly a copy) is even easier to emulate, unlike RV it does not scatter immediate bits al over the instruction word, making it easier for an emulator to get immediates. If you need emulated perf, MIPS is the easiest of all
brucehoult 10 hours ago [-]
That's a very small effect in the overall decoding of an instruction even in a pure interpretive emulator, and undetectable in a JIT.
The thing I most want to use this (or some other WASM Linux engine) for is running a coding agent against a virtual operating system directly in my browser.
Claude Code / Codex CLI / etc are all great because they know how to drive Bash and other Linux tools.
The browser is probably the best sandbox we have. Being able to run an agent loop against a WebAssembly Linux would be a very cool trick.
I had a play with v86 a few months ago but didn't quite get to the point where I hooked up the agent to it - here's my WIP: https://tools.simonwillison.net/v86 - it has a text input you can use to send commands to the Linux machine, which is pretty much what you'd need to wire in an agent too.
In that demo try running "cat test.lua" and then "lua test.lua".
the_mitsuhiko 14 hours ago [-]
> The thing I most want to use this (or some other WASM Linux engine) for is running a coding agent against a virtual operating system directly in my browser.
I don't know man, I didn't see anyone say "this post didn't need to be about <random topic>", HN has just become allergic to LLMs lately.
I'm excited about them and I think discussion on how to combine two exciting technologies are exactly what I'd like to see here.
purerandomness 11 hours ago [-]
You haven't been around here in the Blockchain/NFT/Smart Contract dark ages, have you?
stavros 11 hours ago [-]
Naw man I just signed up.
yokoprime 11 hours ago [-]
I chuckled. Everything on earth is recent if you look at it from a cosmic timeframe I guess
Towaway69 4 hours ago [-]
I wonder in what timeframe the cosmic timeframe is recent.
It's turtles all the way down ....
;)
stavros 11 hours ago [-]
To be fair, it really was annoying when everything was blockchain.
Towaway69 4 hours ago [-]
Aren't there blockchain agents, surely there must be agents running in the blockchain as smart contracts?
girvo 4 hours ago [-]
On the other hand man was it easy to make money at the time. I guess that’s probably true now for those in the AI space too
fsloth 3 hours ago [-]
TBH I’ve been here a while, never felt what the point with the above is but do feel LLM:s are a new valuable affordance in computer use.
I mean I don’t have to remember the horrible git command line anymore which already improves my exprience as a dev 50%.
It’s not all hype bs this time.
bakugo 11 hours ago [-]
Has there ever been any other topic that was not only the subject of the majority of submissions, but also had a subset of users repeatedly butting into completely unrelated discussions to go "b-but what about <thing>? we need to talk about <thing> here too! how can I relate this to <thing>? look at my <thing> product!"?
You can't just roll in to a random post to tell people about your revolutionary new AI agent for the 50th time this week and expect them not to be at least mildly annoyed.
stavros 11 hours ago [-]
I'm with you, but he wasn't telling us about his agent, he was saying "this is a cool technology and I've been wanting to use it to make a thing". The thing just happened to be LLM-adjacent.
bakugo 11 hours ago [-]
Almost all of his comments "just happen" to be LLM-adjacent. At some point it stops "just happening" and it becomes clear that certain people (or their AI bots) are frequenting discussion spaces for the sole purpose of seeking out opportunities to bring up AI and self-promote.
stavros 11 hours ago [-]
Simon has been here since way before LLMs were a thing, and it's fairly obvious (to me, at least) that he's genuinely excited about LLMs, he's not just spamming sales or anything.
yokoprime 11 hours ago [-]
You are not reading his material i suppose? It’s really one of the better sources for informed takes on llms
The entire thing is just quotes and a retelling of events. The closest thing to a "take" I could find is this:
> I have no idea how this one is going to play out. I’m personally leaning towards the idea that the rewrite is legitimate, but the arguments on both sides of this are entirely credible.
Which effectively says nothing. It doesn't add anything the discussion around the topic, informed or not, and the post doesn't seem to serve any purpose beyond existing as an excuse to be linked to and siphon attention away from the original discussion (I wonder if the sponsor banner at the top of the blog could have something to do with that...?)
Literally just a quote from his fellow member of the "never stops talking about AI" club, Karpathy. No substance, no elaboration, just something someone else said or did pasted on his blog followed by a short agreement. Again, doesn't add anything or serve any real purpose, but was for some reason submitted to HN[1], and I may be misremembering but I believe it had more upvotes/comments than the original[2] at one point.
I think my coverage of the Mark Pilgrim situation added value in that most people probably aren't aware that Mark Pilgrim removed himself from internet life in 2011, which is relevant to the chardet story.
That second Karpathy example is from my link blog. Here's my post describing how I try to add something new when I write about things on my link blog: https://simonwillison.net/2024/Dec/22/link-blog/
In the case of that Karpathy post I was amplifying the idea that "Claw" is now the generic name for that class of software, which is notable.
darig 12 hours ago [-]
[dead]
yokoprime 11 hours ago [-]
What topics are allowed in your opinion? I very much enjoyed Simon’s comment as it is a use case I also was thinking of.
brumar 6 hours ago [-]
Why not leting upvotes do their thing? I enjoyed this comment.
grimgrin 11 hours ago [-]
a bit cute that you interacted with the 1 AI thread. there are other threads!
Apptron uses v86 because its fast. Would love it for somebody to add 64-bit support to v86. However, Apptron is not tied to v86. We could add Bochs like c2w or even JSLinux for 64-bit, I just don't think it will be fast enough to be useful for most.
Apptron is built on Wanix, which is sort of like a Plan9-inspired ... micro hypervisor? Looking forward to a future where it ties different environments/OS's together.
https://www.youtube.com/watch?v=kGBeT8lwbo0
How’s performance relative to bare metal or hardware virtualization?
johndough 3 hours ago [-]
I ran two experiments:
~20x slower for a naive recursive Fibonacci implementation in Python (1300 ms for fib(30) in this VM vs 65ms on bare metal. For comparison, CPython directly compiled to WASM without VM overhead does it in 140ms.)
~2500x slower for 1024x1024 matrix multiplication with NumPy (0.25 GFLOPS in VM vs 575 GFLOPS on bare metal).
apignotti 2 hours ago [-]
This is not correct. You are using WebVM here, not BrowserPod.
WebVM is based on x86 emulation and JIT compilation, which at this time lowers vector instructions as scalar. This explains the slowdowns you observe. WebVM is still much faster than v86 in most cases.
BrowserPod is based on a pure WebAssembly kernel and WebAssembly payload. Performance is close to native speed.
Demo works as expected for me, please share information if possible or join our Discord for further help: https://discord.leaningtech.com
johndough 14 minutes ago [-]
I dug a bit deeper. The cause was that navigator.storage.getDirectory() is not available in Firefox private browsing mode.
The performance is pretty amazing. fib(35) runs in 60ms, compared to 65ms in NodeJS on Desktop.
But I can't find a shell. Is there only support for NodeJS at the moment?
andai 8 hours ago [-]
I run agents as a separate Linux user. So they can blow up their own home directory, but not mine. I think that's what most people are actually trying to solve with sandboxing.
(I assume this works on Macs too, both being Unixes, roughly speaking :)
repstosb 3 hours ago [-]
> The thing I most want to use this (or some other WASM Linux engine) for is running a coding agent against a virtual operating system directly in my browser.
Well, there it is, the dumbest thing I'll read on the internet all week.
Most of the engineering in Linux revolves around efficiently managing hardware interfaces to build up higher-level primitives, upon which your browser builds even higher-level primitives, that you want to use to simulate an x86 and attached devices, so you can start the process again? Somewhere (everywhere), hardware engineers are weeping. I'll bet you can't name a single advantage such a system would have over cloud hosting or a local Docker instance.
Even worse, you want this so your cloud-hosted imaginary friend can boil a medium-sized pond while taking the joyful bits of software development away from you, all for the enrichment of some of the most ethically-challenged members of the human race, and the fawning investors who keep tossing other people's capital at them? Our species has perhaps jumped the shark.
While this may be a better sandbox, actually having a separate computer dedicated to the task seems like a better solution still and you will get better performance.
Besides, prompt injection or simpler exploits should be addressed first than making a virtual computer in a browser and if you are simulating a whole computer you have a huge performance hit as another trade off.
On the other hand using the browser sandbox that also offers a UI / UX that the foundation models have in their apps would ease their own development time and be an easy win for them.
ZeWaka 8 hours ago [-]
It's relatively easy to spin up a busybox WASM v86 solution
tldr; devcontainers let you completely containerize your development environment. You can run them on Linux natively, or you can run them on rented computers (there are some providers, such as GitHub Codespaces) or you can also run them in a VM (which is what you will be stuck with on a Mac anyways - but reportedly performance is still great).
All CLI dev tools (including things like Neovim) work out of the box, but also many/most GUI IDEs support working with devcontainers (in this case, the GUI is usually not containerized, or at least does not live in the same container. Although on Linux you can do that also with Flatpak. And for instance GitHub Codespaces runs a VsCode fully in the browser for you which is another way to sandbox it on both ends).
stavros 12 hours ago [-]
This is interesting (and I've seen it mentioned in some editors), but how do I use it? It would be great if it had bubblewrap support, so I don't have to use Docker.
Do you know if there's a cli or something that would make this easier? The GitHub org seems to be more focused on the spec.
bakugo 12 hours ago [-]
[flagged]
iamjackg 11 hours ago [-]
Nobody is promoting a product. Simon is just sharing an experiment he attempted. No products being sold here.
pelcg 10 hours ago [-]
Maybe not, but in the past some here see that the blog is the product that is being promoted here.
Even in this thread alone https://news.ycombinator.com/item?id=47314929 some commenters here are clearly annoyed with the way AI is being shoved in each place where they do not want it.
I don't care, but I can see why many here are getting tired of it.
blackhaz 16 hours ago [-]
Sorry for the off-topic, but what a bliss to see Windows 2000 interface. And what an absolute abomination from hell pretty much all the modern UIs are.
stavros 12 hours ago [-]
My god that interface feels like home.
shevy-java 15 hours ago [-]
Yeah. Microsoft really went downhill UI-wise.
MBCook 8 hours ago [-]
They’re hardly the only ones.
diabllicseagull 12 hours ago [-]
win2000 brings back so many good memories.
cheema33 15 hours ago [-]
Is that even remotely relevant to JSLinux?
nout 15 hours ago [-]
Yes, it's one of the available emulated systems on JSLinux.
dmd 13 hours ago [-]
If you'd clicked the link, instead of just reading the title, you'd have known it was.
maxloh 17 hours ago [-]
Unfortunately, he didn't attach the source code for the 64-bit x86 emulation layer, or the config used to compile the hosted image.
It looks like container2wasm uses a forked version of Bochs to get the x86-64 kernel emulation to work. If one pulled that out separately and patched it a bit more to have the remaining feature support it'd probably be the closest overall. Of course one could say the same about patching anything with enough enthusiasm :).
14 hours ago [-]
14 hours ago [-]
zoobab 2 hours ago [-]
"he didn't attach the source code for the 64-bit x86 emulation layer"
It's not open source? If that's the case, it should be in his FAQ.
hashkitly 48 minutes ago [-]
Amazing work by Fabrice Bellard as always. The x86_64 support opens up so many possibilities for running modern Linux distributions in the browser.
testifye 7 hours ago [-]
I've been using the x86_64 Alpine jslinux browser image in Chrome for the last 4 hours - pulling code down via git, building several large packages from source, editing and altering code, and running their test suites. This VM may be 50 times slower than native, but it is rock solid - worked perfectly and is stable. It's simply remarkable.
AlecMurphy 15 hours ago [-]
If anyone is interested, I made some modifications last month to get TempleOS running on the x86_64 JSLinux: https://ring0.holyc.xyz/
I can launch this thing and start making arbitrary connections out to port 25 on the internet from some random IP? Hmm.
maxloh 16 hours ago [-]
From the "Technical notes" page:
> Access to Internet is possible inside the emulator. It uses the websocket VPN offered by Benjamin Burns (see his blog). The bandwidth is capped to 40 kB/s and at most two connections are allowed per public IP address. Please don't abuse the service.
A somewhat better solution via tailnet you can find in https://webvm.io/
16 hours ago [-]
stjo 12 hours ago [-]
I love how nonchalantly demonstrates his custom terminal emulator and javascript engine.
petcat 17 hours ago [-]
I've always been fascinated by this, but I have never known what it would be useful for. Does anyone know of any practical use cases?
omoikane 17 hours ago [-]
I use bellard.org/jslinux to test compilation of strange code sometimes[1], since it came with compilers that are different versions from what I have installed locally, and it's easier to open up a browser than starting a VM.
I use a similar emulator (v86) as a way to share my hobby OS. Approximately zero people, even my friends, are going to boot my hobby OS on real hardware; I did manage to convince some of them to run it in qemu, but it's difficult. A browser environment shows the thing quite well; and easy networking is cool too.
My hobby OS itself is not very useful, but it's fun if you're in the right mood.
Towaway69 4 hours ago [-]
I guess for the author its learning about how Linux can be ported to the browser. For us, it's more of a nice amusement.
But then again, I've never understood why Buddhist monks create sand mandalas[1] and then let them be blown away (the mandalas not the monks!).
I think one should see it from the authors PoV instead of thinking "what is in it for me". If I were to use this, then to create digital sand mandalas in the browser! ;)
We are a playful species. People enjoy play. If we didn't have to work for a living but still enjoyed food security that is all most of us would do. But we are also a very exploitative species, some more than others. Companies have made billions of dollars on top of Fabrice Bellard's works, qemu, ffmpeg etc.
These companies don't have any imagination. Their management has no vision. They could not create anything new and wonderful if they tried. People like Fabrice do and we are all richer for it. If your asking about the practical use you are likely in the exploitative mindset which is understandable on HN. The hacker/geek mindset enjoys this for what it is.
kristianp 7 hours ago [-]
https://infinitemac.org/ is an example of a good use: users can try out old versions of Mac OS, to see what's changed and what software used to be available for old versions. It doesn't use JSLinux, but other emulators [1]
Most such emulators have Internet access on the IP level. Therefore, this is a very cheap way to test anything on the Internet.
apk add nmap
nmap your.domain.com
However, the speed is heavily throttled. You can even use ssh and login to your own server.
It can also be used as a very cheap way to provide a complete build environment on a single website, for example to teach C/C++. Or to learn the shell. You don't have to install anything.
Onavo 13 hours ago [-]
You need backend proxies, the browser doesn't allow ignoring CORS by default.
s-macke 3 hours ago [-]
Exactly. And JSLinux is using one.
postalrat 14 hours ago [-]
Some sort of web based archive of applications/etc where you can boot them up in your browser.
peterburkimsher 13 hours ago [-]
That’s what I’d like to use it for as well, but it’s difficult to do so because there’s no way to edit the disk image.
Any advice on how to create a JSLinux clone with a specific file pre-installed and auto-launching would be much appreciated!
progrium 12 hours ago [-]
Working with VMs always felt difficult because of this. So authoring was built-in to Docker. Now you can use Apptron to author and embed a Linux system on a web page. This aspect is usable, but it's only going to get better.
vexnull 10 hours ago [-]
The tech docs at bellard.org/jslinux/tech.html describe the TEMU config format. Each VM is just a .cfg file - you can see the existing ones linked on the main page. The VFsync integration (vfsync.org) is probably your best bet for getting files into the VM without rebuilding the disk image.
For a classroom with Windows PCs this is close to ideal - zero install, no admin rights, works in any browser. Students get a real gcc toolchain and shell without touching the host OS.
redleader55 16 hours ago [-]
Agentic workloads create and then run code. You don't want to just run that code in a "normal" environment like a container, or even a very well protected VM. There are other options, ofc - eg. gvisor, crossvm, firecracker, etc, but this one is uncommon enough to have a small number of attackers trying to hack it.
srdjanr 15 hours ago [-]
What's wrong with a well protected VM? Especially compared to something where the security selling point is "no one uses it" (according to your argument; I don't know how secure this actually is)
g947o 14 hours ago [-]
Nothing, but "there are already working options" does not necessarily mean we shouldn't try new (and sometimes weird) things
cloudfudge 12 hours ago [-]
GP says "You don't want to just run that code in ... even a very well protected VM." Why?
redleader55 29 minutes ago [-]
Because unless you can fund several teams - kernel, firmware(bios,etc), GPU drivers, qemu, KVM, extra hardening(eg. qemu runs under something like bpfilter) + a red team, security through obscurity is cheaper. The attack surface area is just too large.
TacticalCoder 12 hours ago [-]
Yeah but GP was answering to a comment saying "you don't want to run code in a well protected VM". Which is of course complete non sense to say and GP was right to question it.
hrmtst93837 4 hours ago [-]
Obscurity is a shrinking moat unless you are upstreaming changes regularly, and most uncommon emulators lag behind on the boring but needed patches compared to QEMU or Firecracker. If you shift to a niche emulator for security, you really need a plan to audit the new attack surface it brings. Even a weird stack tends to attract attackers once it gets popular enough or just irritates someone determined.
varun_ch 17 hours ago [-]
Maybe if you’ve got some ancient software that’s missing source code and only runs with X Y and Z conditions, you could continue to offer it on the web and build around it like that? Not sure if that would be practical at all, but could be interesting
maxloh 17 hours ago [-]
My college professor used it to teach us the Linux command line
x86_64:
x86 (i.e. 32 bit): riscv64: Conclusion: as seen also in QEMU (also started by Bellard!), RISC-V is a *lot* easier to emulate than x86. If you're building code specifically to run in emulation, use RISC-V: builds faster, smaller code, runs faster.Note: quite different gcc versions, with x86_64 being 15.2.0, x86 9.3.0, and riscv64 7.3.0.
[1] http://hoult..rg/primes.txt
> newer gcc versions have significantly better optimization passes
So what you're saying is that with a modern compiler RISC-V would win by even more?
TBH I doubt much has changed with register allocation on register-rich RISC ISAs since 2018. On i386, yeah, quite possible.
Also MIPS code is much larger.
http://blog.schmorp.de/2015-06-08-emulating-linux-mips-in-pe...
(For APX I have patches at https://lore.kernel.org/qemu-devel/20260301144218.458140-1-p... but I have never tested them on system emulation).
Claude Code / Codex CLI / etc are all great because they know how to drive Bash and other Linux tools.
The browser is probably the best sandbox we have. Being able to run an agent loop against a WebAssembly Linux would be a very cool trick.
I had a play with v86 a few months ago but didn't quite get to the point where I hooked up the agent to it - here's my WIP: https://tools.simonwillison.net/v86 - it has a text input you can use to send commands to the Linux machine, which is pretty much what you'd need to wire in an agent too.
In that demo try running "cat test.lua" and then "lua test.lua".
That exists: https://github.com/container2wasm/container2wasm
Unfortunately I found the performance to be enough of an issue that I did not look much further into it.
This thing is really inescapable those days.
I should have replied there instead, my mistake.
I'm excited about them and I think discussion on how to combine two exciting technologies are exactly what I'd like to see here.
It's turtles all the way down ....
;)
I mean I don’t have to remember the horrible git command line anymore which already improves my exprience as a dev 50%.
It’s not all hype bs this time.
You can't just roll in to a random post to tell people about your revolutionary new AI agent for the 50th time this week and expect them not to be at least mildly annoyed.
The entire thing is just quotes and a retelling of events. The closest thing to a "take" I could find is this:
> I have no idea how this one is going to play out. I’m personally leaning towards the idea that the rewrite is legitimate, but the arguments on both sides of this are entirely credible.
Which effectively says nothing. It doesn't add anything the discussion around the topic, informed or not, and the post doesn't seem to serve any purpose beyond existing as an excuse to be linked to and siphon attention away from the original discussion (I wonder if the sponsor banner at the top of the blog could have something to do with that...?)
This seems to be a pattern, at least in recent times. Here's another egregious example: https://simonwillison.net/2026/Feb/21/claws/
Literally just a quote from his fellow member of the "never stops talking about AI" club, Karpathy. No substance, no elaboration, just something someone else said or did pasted on his blog followed by a short agreement. Again, doesn't add anything or serve any real purpose, but was for some reason submitted to HN[1], and I may be misremembering but I believe it had more upvotes/comments than the original[2] at one point.
[1] https://news.ycombinator.com/item?id=47099160
[2] https://news.ycombinator.com/item?id=47096253
That second Karpathy example is from my link blog. Here's my post describing how I try to add something new when I write about things on my link blog: https://simonwillison.net/2024/Dec/22/link-blog/
In the case of that Karpathy post I was amplifying the idea that "Claw" is now the generic name for that class of software, which is notable.
Apptron uses v86 because its fast. Would love it for somebody to add 64-bit support to v86. However, Apptron is not tied to v86. We could add Bochs like c2w or even JSLinux for 64-bit, I just don't think it will be fast enough to be useful for most.
Apptron is built on Wanix, which is sort of like a Plan9-inspired ... micro hypervisor? Looking forward to a future where it ties different environments/OS's together. https://www.youtube.com/watch?v=kGBeT8lwbo0
For a full-stack demo see: https://vitedemo.browserpod.io/
To get an idea of our previous work: https://webvm.io
~20x slower for a naive recursive Fibonacci implementation in Python (1300 ms for fib(30) in this VM vs 65ms on bare metal. For comparison, CPython directly compiled to WASM without VM overhead does it in 140ms.)
~2500x slower for 1024x1024 matrix multiplication with NumPy (0.25 GFLOPS in VM vs 575 GFLOPS on bare metal).
WebVM is based on x86 emulation and JIT compilation, which at this time lowers vector instructions as scalar. This explains the slowdowns you observe. WebVM is still much faster than v86 in most cases.
BrowserPod is based on a pure WebAssembly kernel and WebAssembly payload. Performance is close to native speed.
The performance is pretty amazing. fib(35) runs in 60ms, compared to 65ms in NodeJS on Desktop.
But I can't find a shell. Is there only support for NodeJS at the moment?
(I assume this works on Macs too, both being Unixes, roughly speaking :)
Well, there it is, the dumbest thing I'll read on the internet all week.
Most of the engineering in Linux revolves around efficiently managing hardware interfaces to build up higher-level primitives, upon which your browser builds even higher-level primitives, that you want to use to simulate an x86 and attached devices, so you can start the process again? Somewhere (everywhere), hardware engineers are weeping. I'll bet you can't name a single advantage such a system would have over cloud hosting or a local Docker instance.
Even worse, you want this so your cloud-hosted imaginary friend can boil a medium-sized pond while taking the joyful bits of software development away from you, all for the enrichment of some of the most ethically-challenged members of the human race, and the fawning investors who keep tossing other people's capital at them? Our species has perhaps jumped the shark.
Besides, prompt injection or simpler exploits should be addressed first than making a virtual computer in a browser and if you are simulating a whole computer you have a huge performance hit as another trade off.
On the other hand using the browser sandbox that also offers a UI / UX that the foundation models have in their apps would ease their own development time and be an easy win for them.
tldr; devcontainers let you completely containerize your development environment. You can run them on Linux natively, or you can run them on rented computers (there are some providers, such as GitHub Codespaces) or you can also run them in a VM (which is what you will be stuck with on a Mac anyways - but reportedly performance is still great).
All CLI dev tools (including things like Neovim) work out of the box, but also many/most GUI IDEs support working with devcontainers (in this case, the GUI is usually not containerized, or at least does not live in the same container. Although on Linux you can do that also with Flatpak. And for instance GitHub Codespaces runs a VsCode fully in the browser for you which is another way to sandbox it on both ends).
Do you know if there's a cli or something that would make this easier? The GitHub org seems to be more focused on the spec.
Even in this thread alone https://news.ycombinator.com/item?id=47314929 some commenters here are clearly annoyed with the way AI is being shoved in each place where they do not want it.
I don't care, but I can see why many here are getting tired of it.
For a more open-source version, check out container2wasm (which supports x86_64, riscv64, and AArch64 architectures): https://github.com/container2wasm/container2wasm
It looks like container2wasm uses a forked version of Bochs to get the x86-64 kernel emulation to work. If one pulled that out separately and patched it a bit more to have the remaining feature support it'd probably be the closest overall. Of course one could say the same about patching anything with enough enthusiasm :).
It's not open source? If that's the case, it should be in his FAQ.
Even though it has no JIT. Truly magic :)
> Access to Internet is possible inside the emulator. It uses the websocket VPN offered by Benjamin Burns (see his blog). The bandwidth is capped to 40 kB/s and at most two connections are allowed per public IP address. Please don't abuse the service.
https://bellard.org/jslinux/tech.html
[1] For example:
https://www.ioccc.org/2020/yang/index.html#:~:text=tcc%200.9...
https://www.ioccc.org/2018/yang/index.html#:~:text=tcc%200.9...
My hobby OS itself is not very useful, but it's fun if you're in the right mood.
But then again, I've never understood why Buddhist monks create sand mandalas[1] and then let them be blown away (the mandalas not the monks!).
I think one should see it from the authors PoV instead of thinking "what is in it for me". If I were to use this, then to create digital sand mandalas in the browser! ;)
[1]: https://en.wikipedia.org/wiki/Sand_mandala
These companies don't have any imagination. Their management has no vision. They could not create anything new and wonderful if they tried. People like Fabrice do and we are all richer for it. If your asking about the practical use you are likely in the exploitative mindset which is understandable on HN. The hacker/geek mindset enjoys this for what it is.
[1] https://blog.persistent.info/2025/03/infinite-mac-os-x.html
It can also be used as a very cheap way to provide a complete build environment on a single website, for example to teach C/C++. Or to learn the shell. You don't have to install anything.
Any advice on how to create a JSLinux clone with a specific file pre-installed and auto-launching would be much appreciated!
For a classroom with Windows PCs this is close to ideal - zero install, no admin rights, works in any browser. Students get a real gcc toolchain and shell without touching the host OS.
We have Windows PCs in the classroom.
From "Show HN: Amla Sandbox – WASM bash shell sandbox for AI agents" (2026) https://news.ycombinator.com/item?id=46825119 :
>>> How to run vscode-container-wasm-gcc-example with c2w, with joelseverin/linux-wasm?
>> linux-wasm is apparently faster than c2w
From "Ghostty compiled to WASM with xterm.js API compatibility" https://news.ycombinator.com/item?id=46118267 :
> From joelseverin/linux-wasm: https://github.com/joelseverin/linux-wasm :
>> Hint: Wasm lacks an MMU, meaning that Linux needs to be built in a NOMMU configuration
From https://news.ycombinator.com/item?id=46229385 :
>> There's a pypi:SystemdUnitParser.