Rendered at 16:14:48 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
maufl 8 hours ago [-]
It would be great if we could combine ReactOS with Good old Games to build a retro Windows games distribution. I could hand that out at LAN parties as USB boot stick.
shevy-java 5 hours ago [-]
Agreed. For this to work, though, I guess there needs to be:
- a listing of all games that work well on ReactOS, similar to
how WineHQ does.
Or perhaps a specialized variant of ReactOS with that focus in
mind. Do we have such a list? I assume many games also won't
work perfectly well; see WineHQ, that also had tons of issues
with some games.
theturtletalks 12 hours ago [-]
Given enough time, open-source will win. Just think about how more and more people are programming and how that will draw them to open-source.
xattt 6 hours ago [-]
> development for 28 years now
> given enough time
This has been a lifetime for a slice of the human population.
The article talks about construction on the exterior, the cross on the main tower, the Pope's visit and commemoration of the architect, etc. while on the official website the timeline says "Today, more than 140 years after the laying of the cornerstone, construction continues on the Basilica": https://sagradafamilia.org/en/history-of-the-temple
So which one is it? Is this one of those cases where we have to define "done" first?
belinder 5 hours ago [-]
The exterior is done, the interior not yet
slazaro 3 hours ago [-]
That's not true, there's a lot to be done on the exterior as well, the main entrance is not even finished yet.
The big achievement that happened recently is they completed the towers, so it finally reached its target height. Also the Pope's blessing.
RattlesnakeJake 4 hours ago [-]
> It’s getting into Sagrada Familia territory.
Or "A million monkeys with a million typewriters writing Shakespeare" territory
KronisLV 6 hours ago [-]
See, at this rate it won’t even take a century!
pjmlp 6 hours ago [-]
Only if it keeps being relevant for the computing model.
Case in point, ReactOS is far behind what Windows 11 is capable of, and this not taking into account the ARM and CoPilot+ PC hardware changes in modern motherboards.
It is nonetheless relevant, especially in the presence of escape mechanisms to oppressive governments, and digital sovereignty.
justinclift 2 hours ago [-]
Heh, wouldn't it be funny if some of the EU gov's decided to sponsor ReactOS for another/future pathway away from Redmond. :)
pjmlp 1 hours ago [-]
It could be, but I would rather see SuSE on that, or similar.
loloquwowndueo 3 hours ago [-]
> ReactOS is far behind what Windows 11 is capable of
lol I guess, it doesn’t annoy you with endless ads and pop ups, doesn’t try to steal your data and passwords, doesn’t force you to buy an entire new computer just to run it. Far behind indeed.
pjmlp 3 hours ago [-]
You joke, yet there are plenty of missing actually useful features, some of which even Linux lags behind with exception of Android/Linux.
DaiPlusPlus 43 minutes ago [-]
I challenge you to name an actually useful feature that was added in Windows 11 and not present in any previous release.
Difficulty: QoL features added to undo the effects of bad design changes in Win11 don’t count, such as “compact view” in Windows 11 File Explorer.
mschuster91 4 hours ago [-]
> It is nonetheless relevant, especially in the presence of escape mechanisms to oppressive governments, and digital sovereignty.
Not just for that. There's an awful, awful lot of ancient embedded hardware running machinery sometimes worth dozens of millions of dollars, and it's running even more ancient software. Siemens, for example, recently searched for people capable of (and willing to) working with Windows 3.11 [1], presumably to deal with the HMI displays for locomotive/train drivers.
When dealing with hardware or software that has lifecycles measured in half-centuries, bridges to allow modern tooling to work with it are really, really important.
There are millions of Windows 95 embedded in industrial or government machines. Millions.
pjmlp 3 hours ago [-]
Doing stuff that an ESP 32 would suffice.
reactordev 30 minutes ago [-]
There are at least 8 layers of bureaucracy between the ones who need it, and the ones who make it.
dcrazy 1 hours ago [-]
Yeah but instead of rewriting it, dropping in a supported OS that continues to receive security fixes is a very attractive alternative.
woctordho 3 hours ago [-]
It's far easier to port ReactOS than Windows to ARM and other new CPU ISAs.
pjmlp 3 hours ago [-]
Windows is already there.
shevy-java 4 hours ago [-]
IF there are people who write code.
This is not always the case. Open source projects also die.
We need to improve the funding situation. I have no idea how to do that, but we really need to tackle that problem.
underscore_ku 11 hours ago [-]
more people and AI
da-x 9 hours ago [-]
Specifications are important.
The better the specs of a commercial product, the easier it would be to produce an open source version it, with coding and testing automation perhaps even a one-to-one offering.
micromacrofoot 4 hours ago [-]
this is the year of the linux desktop
goodcanadian 3 hours ago [-]
I have been exclusively running linux on my desktop for 25 years, so from my point of view, this "joke" is a quarter century out of date
eaf7e281 9 hours ago [-]
What is the benefit compared to a compatibility layer? Is it easier for future maintenance?
It's definitely a huge improvement towards "FOSS Windows."
okanat 6 hours ago [-]
You can run proprietary drivers with ReactOS since it replicates the driver layer too.
So unlike Linux systems with Nvidia Kepler cards, you can still run the most up-to-date desktop environment. Or if you have an obscure WiFi card, you can use the Windows drivers.
BoingBoomTschak 6 hours ago [-]
This, I'd love to be able to use Genelec GLM from Linux but it needs some custom serial drivers... too bad it only supports Win 10 right now.
NooneAtAll3 16 hours ago [-]
something I wondered for a while
do windows viruses get ported by such efforts as well?
shakna 13 hours ago [-]
WannaCry was able to successfully run on ReactOS in 2025. Most other virsuses do tend to crash, because the memory layout is just a tiny bit different, but yeah, compatibility means compatibility. Lots of malware comes along for the ride.
However, there is a permissions layer that is more nix than Windows, which means the first foothold is still better than XP - you have to choose to execute the file. Self-running things don't tend to infect systems.
Its not a panacea, and there is a risk factor. And there aren't a lot of antivirus systems that can run correctly under ReactOS, because they freak out and think the OS is the malware, because they're scanning hashes for Windows, not another system.
But for a hobby OS, keeping hardware and software accessible after the rest of the world broke access, it still works.
TechSquidTV 14 hours ago [-]
Of course. Maybe not successfully but a "virus" is just software. If it runs software, it runs software, full stop. Maybe the same APIs are not available or behave differently, so it may be buggy or non-functional, but that's true of Half-Life here too.
augusto-moura 15 hours ago [-]
Some, but not all, most don't. Ideally they would all work, ReactOS doesn't make a priority on being a "safer" option, just an open source option
canyp 15 hours ago [-]
Somewhere in the docs they state that they must also recreate whatever bugs the API has, otherwise applications written with those bugs as an (implicit) assumption could misbehave.
hurtigioll 12 hours ago [-]
its worse than that, Windows activates/deactivates "bugs" based on the compatibility profile of the app.
so you can set an app to use a Windows XP compatibility profile, and this will simulate Windows bugs which were fixed in more recent versions of the OS
dmurvihill 12 hours ago [-]
The payload yes, the exploit hopefully not.
ErroneousBosh 6 hours ago [-]
You can run WannaCry under Wine, with a bit of effort.
chadgpt3 15 hours ago [-]
Yes
naturalmovement 14 hours ago [-]
Maybe worry about Linux malware which is a major problem right now everyone is in huge denial about, instead of throwing shade at a hobby OS emulating a 25 year old version of Windows.
ReactOS isn't the one that just had one of its package repos owned (again).
nvr219 14 hours ago [-]
What's the major Linux malware problem that everyone is ignoring
shakna 13 hours ago [-]
AUR got hit recently [0], by what looks like more work of TeamPCP and friends.
EDIT: Worth noting, Arch ain't hosted on AUR. That's the community side only.
I would still note that this is not some kind of unique problem to Linux. There have been documented instances of malware making it to the Play Store, which is supposed to have a much more rigorous vetting process than AUR and costs actual money to publish on.
shakna 12 hours ago [-]
Just to expand... When the above user is comparing to Windows, who got most of the US government breached, I do think shade against AUR is uncalled for. Its just a community host for packages, comes with warnings, and isn't enabled by default, etc.
I can still happily upgrade via pacman without fear. Haven't been able to update on Windows without concern for over a decade - the malware comes builtin.
I only have 4 packages installed with AUR and I think that’s the intention. You’re only going there when the other solutions aren’t available or don’t make sense.
inigyou 4 hours ago [-]
Linux users used to say "Linux is secure and doesn't get viruses". Now the best thing we can say about it is "Linux gets viruses just like the Play Store". Sad if you ask me.
Grombobulous 19 minutes ago [-]
I think anyone who has made that claim was probably trying to be smug or didn’t actually understand security concepts, and was never correct to be making that claim.
Only Apple has made that claim in their marketing and that was 20 years ago when security by obscurity was shielding them, and when Windows XP was such a cesspool that anything with a normal amount of malware would look virus-free by comparison.
nvme0n1p1 13 hours ago [-]
Isn't it funny how such incidents on Linux are rare enough that they make headlines, but on Windows that's been the baseline expected state of things for so long that nobody bats an eye anymore.
Btw if you're running an OS that's never had a malware incident, please, tell us!
...is essentially impossible to pull off against commercial operating systems, because their core components are all written in-house by staff with photo ID badges, details with HR, tax returns filed with the government, and a cubicle that makes sure that they're locals and not some faceless anonymous hacker identifiable by nothing other than a throwaway faked email address!
I get that there was a lot of "stigma" about open source, the world largely forgot about it, but... actually, in this sense of allowing anonymous contributions it remains a very real risk.
"Jia Tan" was almost certainly a paid professional hacker working for a nation-state actor. Their "helpful contributions" to XZ utils was nowhere near a full-time effort. They certainly had "other irons on the fire", most probably in the Linux kernel or immediately adjacent to it.
He's probably not the only one doing this kind of "work".
For all you know, Linux has more remote exploits purposefully baked into it than Windows has security bugs inadvertently left in it... and don't forget Linux has bugs leading to security vulnerabilities too!
A rough count of "named" CVE 10.0 score (or close to it) vulns in the last 5 years:
7 for Microsoft: ProxyLogon, ProxyShell, ProxyNotShell, LDAPNightmare, PrintNightmare, noPac, Follina
Windows has had a lot more named high-CVEs than that: MonikerLink, QueueJumper, Certifried, HiveNightmare...
As for "Linux", you'd need to specify the distro and environment, because Linux systems can be very different from one another. Your XZ example for instance didn't even affect most enterprise distros (like RHEL). regreSSHion didn't affect any musl libc distros like Alpine, but other systems would've also been unaffected had you set your LoginGraceTime to 0, which any sysadmin worth their salt would've done so. Leaky Vessels fails on SELinux enforcing distros (RHEL, Fedora etc) and sandboxed environments. I could go on, but you get the picture. Comparing the number of "Linux" vulnerabilities to Windows is completely pointless.
hurtigioll 12 hours ago [-]
Windows stopped having serious malware problems at least 10 years ago
the ransomware campaigns would have happened on any OS enterprises use, because they were not security flaws in the OS
shakna 8 hours ago [-]
ClickFix which used Windows Update, and LNK that used Microsoft's signing keys, would disagree. There are still large and ongoing attacks that exploit Windows, and they are a serious problem - its just the attackers are less pointed at the everyday person, and more at corps and govs.
shevy-java 5 hours ago [-]
That's great. I have not tested ReactOS in many years and I am rather
reluctant to try it again (last time I tried, I could not connect to
the internet with it, and that was a breaking point for me), but the
better they are at providing a working alternative, the nicer this is
as a win-win scenario. Linux kind of spoiled me though, I noticed this
with HaikuOS too. If things such as ruby do not work, I am not going
to bother anymore. Linux kind of raised the bar here, at the least for
things that I would expect to work as-is (this is not the only example,
there were more issues and I simply don't want to feel going into
a downgrade-area when using an operating system; I have Win10 on a
computer to my left side but whenever I do things such as copying data
to an USB stick or to it, it is so slow compared to Linux. It annoys
me every time I have to do so.)
succo 4 hours ago [-]
we are still here lol
ajross 16 hours ago [-]
While this is sort of laughable out of context (I mean, Steam on Linux for the last few years has run basically everything with full acceleration)...
I think what is being claimed, but not explicitly in the article, is that this is running the NVIDIA driver stack (for an ancient GeForce 8 card) directly, as opposed to emulating DirectX at the API level on top of a Vulkan driver.
chadgpt3 15 hours ago [-]
Indeed. ReactOS is to the full Windows stack what Wine is to the userland Windows API.
himata4113 15 hours ago [-]
I mean they reimplemented directx without vulkan, that's indeed in a league of their own. wine/proton relies on opengl/vulkan to do anything.
ddtaylor 14 hours ago [-]
Wine has had many different DirectX backends over the decades, including one before Vulkan existed obviously.
himata4113 14 hours ago [-]
All of them relied on translation (ex: opengl). Proton specifically is focused on dx->vulkan.
da_chicken 14 hours ago [-]
> While this is sort of laughable out of context (I mean, Steam on Linux for the last few years has run basically everything with full acceleration)...
Eh. It's sort of like saying FreeDOS is laughable because DOSBox exists. I think that's missing the point.
wolvoleo 14 hours ago [-]
I wouldn't call it laughable. ReactOS was not created only to run half-life. It's just one of their many impressive achievements.
15 hours ago [-]
doawoo 13 hours ago [-]
[dead]
alaskahoffman 15 hours ago [-]
reactos has been in development for 28 years and it can run half-life on real hardware. that is approximately how long half-life 1 itself has existed in the first place!
- a listing of all games that work well on ReactOS, similar to how WineHQ does.
Or perhaps a specialized variant of ReactOS with that focus in mind. Do we have such a list? I assume many games also won't work perfectly well; see WineHQ, that also had tons of issues with some games.
> given enough time
This has been a lifetime for a slice of the human population.
It’s getting into Sagrada Familia territory.
The article talks about construction on the exterior, the cross on the main tower, the Pope's visit and commemoration of the architect, etc. while on the official website the timeline says "Today, more than 140 years after the laying of the cornerstone, construction continues on the Basilica": https://sagradafamilia.org/en/history-of-the-temple
So which one is it? Is this one of those cases where we have to define "done" first?
The big achievement that happened recently is they completed the towers, so it finally reached its target height. Also the Pope's blessing.
Or "A million monkeys with a million typewriters writing Shakespeare" territory
Case in point, ReactOS is far behind what Windows 11 is capable of, and this not taking into account the ARM and CoPilot+ PC hardware changes in modern motherboards.
It is nonetheless relevant, especially in the presence of escape mechanisms to oppressive governments, and digital sovereignty.
lol I guess, it doesn’t annoy you with endless ads and pop ups, doesn’t try to steal your data and passwords, doesn’t force you to buy an entire new computer just to run it. Far behind indeed.
Difficulty: QoL features added to undo the effects of bad design changes in Win11 don’t count, such as “compact view” in Windows 11 File Explorer.
Not just for that. There's an awful, awful lot of ancient embedded hardware running machinery sometimes worth dozens of millions of dollars, and it's running even more ancient software. Siemens, for example, recently searched for people capable of (and willing to) working with Windows 3.11 [1], presumably to deal with the HMI displays for locomotive/train drivers.
When dealing with hardware or software that has lifecycles measured in half-centuries, bridges to allow modern tooling to work with it are really, really important.
[1] https://www.heise.de/news/Deutsche-Bahn-sucht-Admin-fuer-Win...
This is not always the case. Open source projects also die.
We need to improve the funding situation. I have no idea how to do that, but we really need to tackle that problem.
The better the specs of a commercial product, the easier it would be to produce an open source version it, with coding and testing automation perhaps even a one-to-one offering.
It's definitely a huge improvement towards "FOSS Windows."
So unlike Linux systems with Nvidia Kepler cards, you can still run the most up-to-date desktop environment. Or if you have an obscure WiFi card, you can use the Windows drivers.
do windows viruses get ported by such efforts as well?
However, there is a permissions layer that is more nix than Windows, which means the first foothold is still better than XP - you have to choose to execute the file. Self-running things don't tend to infect systems.
Its not a panacea, and there is a risk factor. And there aren't a lot of antivirus systems that can run correctly under ReactOS, because they freak out and think the OS is the malware, because they're scanning hashes for Windows, not another system.
But for a hobby OS, keeping hardware and software accessible after the rest of the world broke access, it still works.
so you can set an app to use a Windows XP compatibility profile, and this will simulate Windows bugs which were fixed in more recent versions of the OS
ReactOS isn't the one that just had one of its package repos owned (again).
EDIT: Worth noting, Arch ain't hosted on AUR. That's the community side only.
[0] https://archlinux.org/news/active-aur-malicious-packages-inc...
I can still happily upgrade via pacman without fear. Haven't been able to update on Windows without concern for over a decade - the malware comes builtin.
[0] https://www.cisa.gov/sites/default/files/2024-03/CSRB%20Revi...
I only have 4 packages installed with AUR and I think that’s the intention. You’re only going there when the other solutions aren’t available or don’t make sense.
Only Apple has made that claim in their marketing and that was 20 years ago when security by obscurity was shielding them, and when Windows XP was such a cesspool that anything with a normal amount of malware would look virus-free by comparison.
Btw if you're running an OS that's never had a malware incident, please, tell us!
https://genode.org
...is essentially impossible to pull off against commercial operating systems, because their core components are all written in-house by staff with photo ID badges, details with HR, tax returns filed with the government, and a cubicle that makes sure that they're locals and not some faceless anonymous hacker identifiable by nothing other than a throwaway faked email address!
I get that there was a lot of "stigma" about open source, the world largely forgot about it, but... actually, in this sense of allowing anonymous contributions it remains a very real risk.
"Jia Tan" was almost certainly a paid professional hacker working for a nation-state actor. Their "helpful contributions" to XZ utils was nowhere near a full-time effort. They certainly had "other irons on the fire", most probably in the Linux kernel or immediately adjacent to it.
He's probably not the only one doing this kind of "work".
For all you know, Linux has more remote exploits purposefully baked into it than Windows has security bugs inadvertently left in it... and don't forget Linux has bugs leading to security vulnerabilities too!
A rough count of "named" CVE 10.0 score (or close to it) vulns in the last 5 years:
7 for Microsoft: ProxyLogon, ProxyShell, ProxyNotShell, LDAPNightmare, PrintNightmare, noPac, Follina
10 for Linux: XZ Utils, regreSSHion, Leaky Vessels, Copy Fail, PwnKit, Dirty Pipe, Looney Tunables, GameOver(lay), Baron Samedit, Sequoia
As for "Linux", you'd need to specify the distro and environment, because Linux systems can be very different from one another. Your XZ example for instance didn't even affect most enterprise distros (like RHEL). regreSSHion didn't affect any musl libc distros like Alpine, but other systems would've also been unaffected had you set your LoginGraceTime to 0, which any sysadmin worth their salt would've done so. Leaky Vessels fails on SELinux enforcing distros (RHEL, Fedora etc) and sandboxed environments. I could go on, but you get the picture. Comparing the number of "Linux" vulnerabilities to Windows is completely pointless.
the ransomware campaigns would have happened on any OS enterprises use, because they were not security flaws in the OS
I think what is being claimed, but not explicitly in the article, is that this is running the NVIDIA driver stack (for an ancient GeForce 8 card) directly, as opposed to emulating DirectX at the API level on top of a Vulkan driver.
Eh. It's sort of like saying FreeDOS is laughable because DOSBox exists. I think that's missing the point.