I think you could solve it by giving apps an option to not open automatically when you start Puter. That way you could start the Puter app, and it'd open a nested instance of Puter, but that instance wouldn't start infinite recursion by automatically opening the Puter app inside.
I don't own anything Puter-related, no, except for those two apps (since anyone can publish an app on Puter - app names are first-come first-served).
I thought it would be funny, since I got in pretty early, to make an app called Puter that would just load Puter inside. (I initially called it "PuterPuter", but then tested to see if just "Puter" was available. It was. Now both apps exist and do the same thing.)
The "DDoS" is because when you open up either app, it loads up another instance of Puter... which promptly restores your session that has the app open, causing infinite recursion. If the HN hug of death found my comment and each person started infinitely recursing, that's a DDoS.
I believe ent101 (Puter developer) thought I changed the name from one to the other to stop the recursion. I didn't. Both apps just exist. I trust that anyone stupid enough to open that app is also smart enough to close it when they are done. :)
Puter apps are just iframes that point to a web address. I claimed the name "Puter" to point to Puter's own web address. If you open the app, it will load Puter again inside, which will restore your session that contains the app, loading another Puter inside, which will again restore your session that contains the app...
Congrats on making it on HN with puter.com. Always love to see desktop environments getting attention. It looks better all the time.
I'll take a chance to mention my attempt at creating a desktop environment in the browser as it's open source, if anyone is interested in checking out.
Yesterday on Reddit, someone mentioned your project as one of the coolest projects he had seen, and I was more than happy to reply to him with more details [1] as I really enjoyed watching your journey. Cool projects deserve more sharing and support for their creators.
Puter.com belonged to my good friend (and now also an investor in Puter) Humberto (who is the founder and CEO of Rows.com). He told me about the domain and I immediately thought it would be the perfect fit for this project. He was very gracious and agreed to sell it to me (well, to Puter Technologies Inc. lol). The price was $25,000.
Another comment on here explains it very well: "It’s “pyu-ter”, like comPUTER! Puter dot com! Well done" This is why I loved it so much!
Never heard that before. It's a nice folksy bit of wisdom... except very few people in old Ireland or England could afford a fair bit of land, and even fewer could afford to build a folly upon it.
It unifies the Operating System with the cloud. Your local storage becomes irrelevant while at the same time you have full durability and portability of your environment on any device in the world.
I think more to the point, why would someone use this as opposed to a remote-desktop service from an established company like Amazon, Microsoft, Google, ...
This isn’t a Remote Desktop.
This is a cloud file system which loads your files and js apps on the front end in a way that it looks like a remote desktop
Do you see positioning this say against a Citrix (IE: corporate desktop virtualization) or as a Google Apps alternative, (IE: students, consumers looking for a cross-device solution)? Or something else altogether?
I don’t know anything about you two, and I don’t want to sound condescending, but… what kind of friend sells a freaking domain for 25,000 dollars to another friend? Or was that just some asset shifting between your companies, without any real money involved..?
but then got super busy with my spreadsheet company at rows.com.
all the domains i buy are for real projects, which i release like decodeportugal.com, portotype.com, berto.com and more but some take years to see the light of day.
i am open to selling if the idea is superior to mine, which is the case of the creator of puter.com.
fyi i'd paid a 5 digits good deal of money for puter.com too. when you fall in love for these projects..you risk it.
At your suggestion, I did the Google search. I did not find an 'overwhelming consensus'. There are some sellers who are motivated to allow it for complex reasons (public perception, value of sell-out crowds which allow TV broadcast of sporting events and ancillary sales. e.g). The fancy term 'allocative efficiency' which is econ-speak for 'we should always sell to the highest bidder' is described as a positive outcome of scalping. Personally I find that nauseating, and of no real value to (original) providers (sellers) such as entertainers. There are first-person interviews of entertainers distressed by the way scalping impacts their fans.
I’ve shown up to venues before and paid less for a ticket from the scalpers than if I would have walked over to the box office because they were just trying to unload them.
I’ve also sold an extra ticket for a friend by just walking up to a random person standing in the ticket line and offering it to them for face value (which saved them money on the ticket counter markup).
Both cases involved turning what would have been a complete loss into less than a complete loss. Never felt bad about the scalpers loosing money because they knew the risks and my friend was just going to eat the loss because whoever the ticket was for couldn’t make the show for whatever reason and I was like “I’ll get rid of it for you”.
Yes, these are good examples of ... well, 'useful' scalping. The scenario I had in mind was when big scalping outfits have a modus operandi of buying huge quantities of tickets for re-sale. Aided and abetted by the technology of the web. I don't think it happened too often before that.
Ah yes, buyers benefit from paying a higher price they otherwise would have done. This is very smart and sensible and obvious.
(If you're claiming that buyers benefit from being able to buy a ticket that was purchased but then was not wanted, then that's true - but that's not scalping. Scalping is specifically buying a ticket with the intention to resell it for a higher price, _not_ reselling a ticket that was genuinely wanted at the time but was then unusable due to other conditions)
There are human lifetimes worth of political philosophy that argues just that, yes. Many times that written about how land ought to be heavily taxed in accordance to its value.
For some examples, see the Lockean Proviso, Mutualism, and Georgism.
It seems like for the first domain on your list (angeiras.com), you’re quite explicitly marketing it to the proprietor of the popular seafood place you mention. But if you say you’re not squatting, I’m sure there’s something I’m missing.
Actually it seems every app is just a browser window, so you can create an app that points to puter.com, and you'll have puter inside of puter.
It's pretty cool, but I can't think of what this would be useful for. Presumably, you need a sophisticated desktop OS that can run a modern web browser in order to use this. And that OS is likely more useful than this.
This is cool... but what is the business?
It's a good domain name & they have a careers@puter.com email address (if you click on the i in the bottom right)
If Puter/FriendOS can support legacy Windows enterprise apps not updated in over a decade and adds collaboration, SSO, 2FA, access controls, VPN/intranet, etc. - basically what FrontEgg (https://techcrunch.com/2022/07/28/with-40m-in-new-funding-fr...) offers - on top on them, it could be a pretty great business.
This is a great illustration of this type of business: https://apenwarr.ca/log/20120326. A lot of customers totally need, not just want, this type of thing.
Puter/FriendOS type systems can graft upon some modern features on top of all legacy apps, which is far far better than having to build it out for every single one. Especially as the market lies more in the long tail of the custom software tailed to specific companies, that has been chugging along for 15 years in maintenance mode.
I am trying to think of where to take it next. Possibly integrate something like VLC for media playback or allowing users to install applications. I don’t really know what users would want from something like this.
I was thinking this is super nice, but just a toy project. But I saw there is even funding and the author is hiring. So, it is serious.
I think this will be an enormous commercial success, because I tend to misjudge these kind of things. :')
I am impressed by the slickness and speed of this thing. It is more responsive than your average MS Windows system.
@ent101: well done and good luck with this project! Super slick!
which has almost no API calls except accessing files stored in their cloud drive. Other than that, your apps are just plain JavaScript running in a window inside their window. So it appears more like a very goofy way of selling overpriced cloud storage and trying to entice developers to build an ecosystem around that.
> Why should I develop apps for Puter?
>
> We could get you an incredible number of users: Puter's is growing with no sign of slowing down. By building and publishing apps on Puter, you will instantly get access to our ever-growing user base.
This seems dishonest, or maybe I'm just missing the point of Puter. Who the heck is using this?
It's excellent for typing in 'wsl'. More seriously though the new Windows Terminal isn't what provides autocomplete, that's the shell. Powershell probably has okay autocomplete. In Windows the distinction has always blurred a bit.
I've recently given up on unix-type shells on Windows. Whether it's WSL1, WSL2, WSLg, MSYS2 or Cygwin, there's always compatibility quirks or performance issues that just reminds me that "it's not Linux". So I decided to just bite the bullet and go all in on PowerShell. It's still not a great default CLI experience but it can be made acceptable with plugins. But the real strength is in scripting, it's a good mix of high-level language and shell terseness.
Typing `exit` in terminal killed my Chrome with all 20+ tabs. Restoring previous session after restarting Chrome -> killed Chrome with all tabs again, and again, and again... Only thing that helped was killing Puter tab really fast before it loaded.
"logout", though, takes you back to the uh, root directory (which contains nothing except your user dir).
It doesn't log you out though, since there's no users or privileges anyway. Which seems like a rather major oversight.
i don't think it's a shared VPS
it looks like a computer in the cloud, but it seems it's just serving the files and app files which execute locally (as opposed to remotely)
the UX clearly makes the brain think it's an actual computer.
With Stadia I think Google had something like this in their mind. Progressively centralizing computation and storage in data centers while the offering devices like chromebook.
Like terminals to a mainframe computer but on WAN level.
The docs mention an API for use within apps in the browser. I am wondering if an external API is available or planned to allow two way interaction with external servers.
Seems to have an issue with Firefox. At least in the terminal app -- the characters are multicolored blocks rather than letters. The editor app seems to work, as do the various games like Panda Love.
Mozilla has no time to fix Firefox Android or address their ever dwindling market share but we can count on them to waste time on overzealous security theater
What I don't understand is why they all go full classic OS demo, with always the same suite of basic apps (note, paint, photo...)
Why not build (complex but specific) SaaS applications that just leverage OS designs paradigms on the frontend (taskbar, windows, notifications, desktop, icons..) inside the same tab?
What if the OS-like apps were open plugins that will augment that SaaS?
[edit] here is an example: Imagine an alternative OS-like interface to HN that is plugin-based. You can add themes, or apps like messaging between HN users (in different windows), keyword-based and comment replies notification (a la Action Center)...
I had an idea like this for a university design (Not really centered in design, more on design methodology and research) class. At first I thought of designing a fully customizable, plugin-based EMS (Like Moodle), then my teacher told me to try and make it bigger, so I designed an app platform where there's only extensions and the UI is fully yours, kinda like Notion Enhancer [1] or Better Discord [2], but without the base app.
That's the biggest issue I have with these. They're cool and all, but they're starting to get old. I like how they're including a little "SDK for bulding apps in this fake OS", which is a bit new, but I'd be way more invested in something like a HyperTerm-inspired Portfolio Project or UI Library.
wait, this is an easter egg? I saw the same when I randomly opened draw, and all the drawing tools were hidden behind some advent-calendar style doors...
I was like "hm, okay, looks like another windows93.net" and closed the page
If Puter/FriendOS can support legacy Windows enterprise apps not updated in over a decade and adds collaboration, SSO, 2FA, access controls, VPN/intranet, etc. - basically what FrontEgg (https://techcrunch.com/2022/07/28/with-40m-in-new-funding-fr...) offers - on top on them, it could be a pretty great business.
This is a great illustration of this type of business: https://apenwarr.ca/log/20120326. A lot of customers totally need, not just want, this type of thing.
Puter/FriendOS type systems can graft upon some modern features on top of all legacy apps, which is far far better than having to build it out for every single one. Especially as the market lies more in the long tail of the custom software tailed to specific companies, that has been chugging along for 15 years in maintenance mode.
Does anybody remember the circa-1999 desktop.com? Same idea, but implemented in what was then called DHTML. It was very limited but I felt offered a sneak peak of the virtualized and web-based future that we now live in.
Very nice work. Reminds me of FriendOS! Also I suspect the author of puter to build this operating system just to be able to make their own version of Paint that can be themed. chefs kiss to you
> To protect your security, www.google.com will not allow Firefox to display the page if another site has embedded it. To see this page, you need to open it in a new window.
So it’s a “desktop” environment without any of the privacy or security of a desktop environment, written in javascript & css (ie cheap and slow), where all the data is stored on a cloud owned by a couple of dudes (they can snoop, sell, and cut off access to your data at any time), all without encryption?
Am I missing something or this a TERRIBLE idea? How does it keep showing up over and over again? Just about any developer could build something like this in under a month, it isn’t some novel idea.
I don’t mean to rain on a parade here I am always happy to see hobby projects, but the fact someone is investing in this and real money is being allocated seems ridiculous. The implications of anyone seriously thinking this is a reasonable cloud desktop environment are scary; people will get duped into being data harvested with no ownership of their data.
They bought their domain for $25,000, are hiring devs, are now offering a cloud piece and Constantly. Spam. Everywhere. Of this “hobby project to business” story. Spending $25,000 on a domain is not “for fun”.
It deserves scrutiny. If I was making a business out of this (which they are), what I’m saying can only improve their product.
Seems fun on the surface, but they're offering folks to write in to their "careers" email (see the Info icon). They also really seem to be pushing you to create an account, or use the QR code, to save your information for later use.
I've seen instances of fun things like "Windows 98 in a browser" that were interesting projects. This seems to be someone trying to make a full-on product out of the concept, even referring to it as "cloud computing" on their Twitter account.
They can't play both sides. It's either a fun little toy, or it's a serious product. "Puter" seems to be aiming for the latter, so they deserve the relevant scrutiny.
Ironically I'd find more value in "Windows XP in a browser" than in a custom OS. if it has filesystem access and can handle most of the underlying API. Reason being that I run Linux, so if I need to run a Windows program (which I occasionally do: I'm into video game music, and a lot of the tooling stack for manipulating files is dinky Windows programs developed by Some Guy in 2013 and never really maintained), I have the following choices:
- dualboot (not doing that again, Windows 10 loved to eat my bootloader over and over and would get stuck in update loops)
- wine, which requires a lot of configuration and has weird bugs, but is really good for more heavyweight apps (foobar2000 is still king)
- virtualization, which also requires a lot of configuration. need to perform a full OS install, etc. I haven't found a way to easily spin up a virtualized windows box (I run Manjaro = Arch, let me know if you have an easy way. A while back I gave it a couple hours and couldn't figure it out, so I gave up.).
A Windows-in-browser that runs "well enough" and can access my local filesystem would let me just run the damn app, do the thing I want to do, and then call it a day. Of course, I'm sure there's lots of details I haven't thought through here. But it feels like a potentially legitimate use case.
I guess most coders could make something that looks like stackoverflow but can only handle a few thousand users at a time.. It'd be easy to make a site where you post questions and comments, upvote and downvote things, and have some basic account page
Or did they think they could handle all the scale and all the random small features on the site too?
As another kernel programmer who's dabbled in web shit, I think you'll be shocked at how time consuming and obnoxious the work is
Yeah, one line of kernel code is more difficult to write than 100 lines of web code.. but you're going to be churning out 10,000 lines of web code, and every layer of abstraction you try to use will make everything crappier and more screwy
This page isn't a normal website either, so a lot of those website toolkits won't be of much use
You just need to host a single-tenant db, handle auth, manage users, and allocate blob storage for each user. This is all pretty well understood on the backend now with baked turnkey solutions on every major cloud provider.
The app logic can all be done clientside and can be done pretty easily in react / vue / whatever framework you want. Most of the apps can be wired to existing solutions on npm.
So mainly all you need to do is customize some css and bring it all together, deploy & deliver the app itself, and market it.
I’m not sure but I don’t see any x86 virtualization here, seems to just all be JS, so it looks to me to be a very straightforward implementation (correct me if wrong)
haha, I dunno. I just know that I was working on a very simple phone app with React Native a couple years ago. I estimated it'd take 10 hours total to implement, but I got about halfway done with the app after 120 hours of dev work. (It needed some custom 'native' code in Swift, and I did manage to correctly estimate that part would take me less than an hour)
This was also my thinking looking at the site. No way I was going to allow access to my microphone or camera.
the truth is that in order to use this site, you need a working computer with a desktop anyway. So the only value would be is that you can access your stuff from anywhere on any computer.
There is a value proposition in having a synchronized desktop across every environment (phone, tablet, desktop, etc.) but this project doesn’t remotely capture what that would entail —- a wasm-based OS with a webgpu frontend, all locally computed. All synchronization / any data leaving would be encrypted locally with a key shared among local systems via a QR code, and the option to self-host the entire stack would be readily available.
The encryption + self-hosting is bare minimum as a business, not the least of which is because it adds credibility to the entire system. Open source is also a requirement to verify nothing nefarious is going on.
With that in place, it might be reasonable to have a cloud offering that is paid so most users wouldn’t need to self host.
Systems should also be able to replicate data locally so if cloud access is ever shut down, they can continue functioning without much issue.
I could build all that (and have built that + more, so it comes from experience) in a ~month — how is it that this project is getting funded, after lacking any of that after years?
My guess? It is cheap & looks usable, and for some reason gained massive popularity, so it will dupe people into freely sharing their data which can be mined and monetized. Apologies if this isn’t the intention of the original creators, but that is what investors will use this for. If I am wrong, I recommend they implement what I suggested.
I think it's a cool project. It looks slick and no doubt was a lot of work.
Would I ever use it though? Of course not.
It in fact goes in the exact opposite direction of computing for me. I am increasingly moving away from any product that relies on WiFi/connectivity.
So nice to have your own media (movies, music) and not have to worry about an always-on internet to be your streaming bottleneck (never mind the inefficiencies of requiring a personal, on-demand, high-bandwidth movie stream). But then to take and put all your tools and desktop in the cloud as well?
I guess it's why I have no use for Chromebooks either.
I would posit that installing an open UEFI implementation and taking advantage of the A) Cost and B) ridiculously good power saving features of a used Chromebook with the OS of your choice is a good Chromebook use.
Hey, creator here. I'm a little late to reply as I was getting some sleep.
You're obviously entitled to your opinion about Puter. It's completely fine if you think this is a very terrible idea. I disagree but I guess only time will tell.
But I just wanted to say that it's categorically false that Puter is trying to harvest data and sell it later. It's clearly spelled out in its Terms of Service and Privacy Policy. I'm not trying to dupe anyone into anything, just hoping to build a better cloud storage service...
I am not doubting business potential; I can give two expletives about you or anyone else making money. I care only about users / customers.
A few things:
1) please read my other comment about encrypting / address encryption of data.
2) a ToS can be changed at any time in the future. If you value privacy, bake in client-side encryption ASAP. Use bcrypt + salt for the password hashing and use something like libsodium (https://libsodium.gitbook.io/doc/secret-key_cryptography/sec...) to encrypt/decrypt. These are both available in js:
Off the top of my head, have a user enter a password, generate a random nonce, hash it with bcrypt, store that hash to localstorage. Create a secretbox stream with that hash and run any data being persisted through that stream. This will add some safety to userdata.
3) if you do well and get acquired your ToS doesn’t protect anyone but yourself / the new owners
4) the instant you start accepting VC money you will slowly have less and less say in any of this — make protecting customers your first priority asap.
I agree with you 100% on client-side encryption. I need some time to get it right but it's definitely a priority. It's coming soon.
As for ToS and Privacy Policy. I didn't use an off-the-shelf document from the internet because I was trying to make sure it's clear the data is not being harvested in any way, but I guess I need to amplify that more. What do you suggest? I'm genuinely curious and would like to know your suggestions.
I’m not a lawyer so I’d suggest working with one and seeing what sort of language can protect your users now and in the future.
Encryption is an important key here, and I’d want to see source of the core app to make sure it handles all that appropriately. If I was you, I’d publish the core app as open source, and I’d sandbox apps potentially in iframes with reduced permissions & inject a message channel to talk with the main app. You could control access to any secrets on the main app this way, so users have some safety guarantees.
Basically:
Main app (secret management, styling, window management, etc)
|
|——————— msg channel <-> apps
|
|
|——————— (de)crypt <-> persist
Have the apps talk with the core and any core services via a message based event loop. Have all persistence go through a service on the core.
Apps can potentially be closed sourced safely that way.
Whatever you do, make it so third party power users can independently verify it is legit and the entire project will be much more able to stand scrutiny.
Thank you for the detailed reply.
The sandboxing and messaging is already implemented. I think that's the only way I can guarantee data safety when it comes to having 3rd-party apps.
I'm actually planning to open source the whole thing (fingers crossed) this way anyone can look into the code!
I thought this was just supposed to be a cool little portfolio project by the developer. Now they have a "careers@" email address... implying this is a business? What is their product? This seems very peculiar to me.
Indeed, the info window doesn't provide any info, so my best guess is that you can create documents (and apps?), save and probably publish them. It's a sort of remote desktop in a browser, but actually all that's remote is the storage. It does seem quite limited, so I'm not sure what it offers more than novelty (and even that's limited). Perhaps the app builder is good. I didn't check it.
So I went back to try it: app names are apparently global. I couldn't create an app called "test" because "Name is already used by another app. Please pick another name."
Oh, an app is just a URL. Clicking on it just opens the URL in a new window/iframe. It looks as if you can attach a document to the app, so perhaps it sends that along when you drop a document on the icon. Would be neat, but it does rely on other people making and publishing your killer app, and provide the infrastructure for it. I smell micropayments.
can we stop doing posts like these on hn? thank you. by the time we have all figured out it's nothing malicious or not, the harm has already been done. or not. in this case, no harm.
"Puter is a cloud operating system that allows you to upload, store, process, and share data, files, personal information, messages, pictures, and other materials (collectively, your “User Data”). You can also search, preview, sort and personalize your User Data."
I didn't give them anything; I also don't recall their asking for anything.
> I didn't give them anything; I also don't recall their asking for anything.
When I click the link, I see only a login modal over some abstract background art. I don't even see the link to the terms of service you have there. (That's after I enabled Javascript on the page to even get that far.) I can only assume that's what OP is complaining about. Maybe they've got too many users because of this post and they're limiting it to signup-only for now? Or maybe my browser isn't passing some IP trustworthiness thing. shrug
Oh? That's very strange, it instantly works in private browsing mode, taking me to what looks like a desktop. I tried it again in non-private browsing mode and I still get the login window.
Edit: deleting cache and offline website data in Firefox fixed it. In my experience when this fixes something it's usually because there's a broken web worker and that forces it to redownload.
Puter sets "has_visited_before" in the LocalStorage, then does some XHR/fetch requests with no error handling, then sets other stuff in the LocalStorage.
If for whatever reason, one of the XHR/fetch requests fails, you end up with only the "has_visited_before" key in the LocalStorage, which causes you to be stuck on the login screen until you clear the LocalStorage.
https://puter.com/app/puter