I want to say thanks to @dgl for reporting this, and this article is also expertly written.
I also have to say for me personally it's quite embarrassing because as I told @dgl when he reported this: I’ve studied his work before and made it a note to test Ghostty against his past discoveries prior to release. And I… quite simply forgot. I didn’t make an issue for myself so it slipped away and here I am with egg on my face. I’m sorry!
But, I appreciate @dgl for the security report, reviewing the fix, and continuing to be an active user of the terminal. I also shared with him some broader thoughts on terminal security in general. Addressing terminal security in a more fundamental way is one of the first proposals I want to make regarding terminal innovation.
My thinking is still too early and under-researched for a formal proposal. But my general feeling having built a terminal over the past 2 years is that the security surrounding escape sequences is fundamentally flawed and poking one by one at these sequences to try to make them individually safe doesn’t feel like the right long term solution.
The surface area is too large and the complexity of some of the newer sequences too high (i.e. Kitty Graphics) to be confident in secure implementations. DoS is far too easy with terminals (Ghostty has a handful of known DoS attacks, but so does pretty much every other terminal I know of). And some legacy sequences are just kind of shocking to have immediately available. For example, DECCOLM is available in macOS Terminal.app. If you issue a DECCOLM (CSI ? 3 h I believe), Terminal.app will physically resize the window and lock it to 132 columns. You can very easily crash Terminal.app at anytime by sending enough of these (a DoS attack). There are many more.
Part of my thinking is trying to design a mechanism that can effectively create something akin to either CPU protection rings or OpenBSD’s pledge() syscall. Whatever the mechanism, the general idea is: reduction of capability.
For example, it makes sense for a shell to be extremely powerful. It’s literally a code execution device. However, it doesn’t make much sense for cat to be able to execute arbitrary escape sequences (which it does today in any terminal). Whether it is the shell or cat itself, something should be able to tell a terminal: “hey, only execute some subset of escape sequences (or none at all).” For cat, that might be none or perhaps just SGR sequences (styles, colors, etc.). The insecurity of cat-ing or tail-ing any form of data that could contain user-generated data is hopefully well known at this point…
As I said before, this thinking is all still very raw and I don’t have anything concrete to propose. I want to share this because I want folks to know that I’m thinking about it, and perhaps others may be interested in thinking about it with me… if so, please contact me. I’ve already shared this line of thinking with @dgl as well.
samatman 16 days ago [-]
It's not just Kitty graphics, the Kitty Keyboard Protocol is a DOS waiting to happen, and Goyal with his customary charm is very hostile to the idea of correcting his mistake: https://github.com/kovidgoyal/kitty/issues/7749
Short version: as defined, Mode 16 can deliver many megabytes of CSI parameters before the parser ever sees the `u` telling it what it's parsing. Since this is violently different from any other CSI code ever proposed or implemented, it cannot be parsed using any technique or parser which expects sane behavior.
This isn't the only problem with KKB, it must be deprecated and replaced.
fmajid 17 days ago [-]
Shouldn't all these control-plane operations be moved to ioctl instead, like TIOCSWINSZ? Of course, getting all terminal emulators and TUI programs to use them would be a formidable migration undertaking.
hnlmorg 17 days ago [-]
I’m working on similar issues with my terminal emulator. So I’d very much like to be part of that conversation too.
aumerle 17 days ago [-]
Your proposal does not address this issue since shells would still need full privileges.
This entire class of exploits (query responses with user controlled data leading to shells executing commands) would be removed if shells just moved to using the kitty keyboard protocol with all key events represented as escape codes and implemented a full escape code parser for data received from the terminal. You cannot embed an escape code inside another, or while technically you can, it is trivial to implement a security policy of disallowing these in both terminals and shells. Then barring implementation bugs in the escape code parser (which can easily be shipped as a standalone native code library) you don't have this entire class of issues and the associated one that the bracketed paste hack was created to address.
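Three points in this thread (mitchellh's idea that a consumer like cat only needs SGR sequences, samatman's note that CSI parameter bytes must be bounded, and the comment above that an escape code must never be embedded in another) can be shown together in one byte filter. This is an added example, not Ghostty's, kitty's or any shell's code; the class and function names, the 64-byte parameter cap and the drop-reason labels are my own assumptions.

```python
import re
from dataclasses import dataclass, field

ESC, BEL = 0x1B, 0x07
MAX_PARAM_BYTES = 64          # assumption: ample for any SGR, tiny next to "many megabytes"
SAFE_C0 = {0x09, 0x0A, 0x0D}  # TAB, LF, CR pass through; every other C0 control is dropped
SGR_PARAMS = re.compile(rb"^[0-9;:]*$")  # no private markers (? > = <), no intermediates


@dataclass
class SgrOnlyFilter:
    """Byte-at-a-time state machine: forwards printable text and CSI ... m, drops the rest."""
    out: bytearray = field(default_factory=bytearray)
    dropped: list = field(default_factory=list)   # (reason, bytes) for logging or metrics
    state: str = "ground"
    buf: bytearray = field(default_factory=bytearray)

    def feed(self, data: bytes) -> bytes:
        for b in data:
            getattr(self, "_" + self.state)(b)
        return bytes(self.out)

    def _drop(self, why: str) -> None:
        self.dropped.append((why, bytes(self.buf)))
        self.buf.clear()
        self.state = "ground"

    def _start_escape(self, cancel: str = "") -> None:
        # An ESC arriving inside an unfinished sequence cancels it: nothing is ever nested.
        if cancel:
            self._drop(cancel)
        self.buf = bytearray([ESC])
        self.state = "escape"

    def _ground(self, b: int) -> None:
        if b == ESC:
            self._start_escape()
        elif (b >= 0x20 and b != 0x7F) or b in SAFE_C0:
            self.out.append(b)
        else:
            self.dropped.append(("control", bytes([b])))

    def _escape(self, b: int) -> None:
        if b == ESC:
            self._start_escape("nested-esc")
        elif b < 0x20:                 # a C0 control aborts the sequence; handle it as text
            self._drop("esc-interrupted")
            self._ground(b)
        else:
            self.buf.append(b)
            if b == ord("["):
                self.state = "csi"
            elif b in b"]P^_X":        # OSC, DCS, PM, APC, SOS: string sequences up to ST/BEL
                self.state = "string"
            elif not 0x20 <= b <= 0x2F:  # not an intermediate: this byte completes the sequence
                self._drop("esc-seq")

    def _csi(self, b: int) -> None:
        if b == ESC:
            self._start_escape("nested-esc")
            return
        self.buf.append(b)
        if 0x30 <= b <= 0x3F and len(self.buf) - 2 > MAX_PARAM_BYTES:   # parameter byte
            self._drop("csi-too-long")
            self.state = "csi_ignore"                   # swallow the rest up to the final byte
        elif 0x40 <= b <= 0x7E:                         # final byte
            if b == ord("m") and SGR_PARAMS.match(bytes(self.buf[2:-1])):
                self.out += self.buf
                self.buf.clear()
                self.state = "ground"
            else:
                self._drop("csi-not-sgr")
        elif not 0x20 <= b <= 0x3F:                     # C0 or DEL inside CSI: discard the byte
            self.buf.pop()

    def _csi_ignore(self, b: int) -> None:
        if b == ESC:
            self._start_escape()
        elif 0x40 <= b <= 0x7E:
            self.state = "ground"

    def _string(self, b: int) -> None:
        # String bodies are never forwarded, so only a short prefix is kept for the log.
        if b == ESC:
            self.state = "string_esc"
        elif b == BEL:
            self._drop("string")
        elif len(self.buf) < 16:
            self.buf.append(b)

    def _string_esc(self, b: int) -> None:
        if b == ord("\\"):             # ESC \ is ST, the legitimate terminator
            self._drop("string")
        else:                          # bare ESC: the string is abandoned, a new sequence begins
            self._start_escape("string-cancelled")
            self._escape(b)


def sanitize(data: bytes):  # returns (bytes to forward, [(reason, dropped bytes), ...])
    f = SgrOnlyFilter()
    return f.feed(data), f.dropped
```

Feeding the stream a chunk at a time keeps parser state across reads, so a sequence split over two reads is still handled as one.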
mitchellh 17 days ago [-]
I believe it could. A shell could reduce capability by default for all executed shell scripts (file or inline on the prompt) and require opt in to not do this. Something akin to a umask of sorts. It’d break exceedingly few real scripts. (Hand waving a lot here with the “opt in” mechanism to avoid that being scripted but I have ideas)
Also note my thoughts (very much not even close to being a proposal) are very raw. Inviting this kind of discussion is exactly what I hope to do :)
Reduction of capability in general is not intended to address all class of security issue. For example you’d still want unsafe paste detection (to detect newlines or attempted bracketed paste escapes) on a prompt line.
But I think having a mechanism to eliminate the possibility of entire class of actions without wholesale disabling them in the terminal emulator is a desirable property. Right now a lot of these features are mostly on/off.
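The unsafe paste detection mentioned above, as an added example in Python (my own constructed code, not taken from any shell): one read from the terminal is split into bracketed-paste bodies and plain keystrokes, a paste is flagged if it carries a line terminator or an escape sequence, and a paste immediately followed by Enter in the same read is flagged because that is what an end marker inside the pasted data would produce. Function names and the wording of the findings are my assumptions.

```python
import re
from typing import List, Tuple

PASTE_START = b"\x1b[200~"
PASTE_END = b"\x1b[201~"
LINE_END = re.compile(rb"[\r\n]")          # Enter/Return: would submit the edit line
CONTROL = re.compile(rb"[\x00-\x1f\x7f]")  # C0 controls and DEL


def split_events(buf: bytes) -> List[Tuple[str, bytes]]:
    """Split one read() from the terminal into ("paste", body) and ("keys", bytes) events.

    Only the paste markers are interpreted; everything outside them is treated as
    keystrokes. An unterminated paste (terminal still sending) is returned as a
    partial body so the caller can keep reading.
    """
    events = []
    while buf:
        start = buf.find(PASTE_START)
        if start == -1:
            events.append(("keys", buf))
            break
        if start:
            events.append(("keys", buf[:start]))
        body_at = start + len(PASTE_START)
        end = buf.find(PASTE_END, body_at)
        if end == -1:
            events.append(("paste", buf[body_at:]))
            break
        events.append(("paste", buf[body_at:end]))
        buf = buf[end + len(PASTE_END):]
    return events


def assess(buf: bytes) -> List[str]:
    """Reasons a shell should ask the user before acting on this read."""
    findings = []
    for i, (kind, data) in enumerate(split_events(buf)):
        if kind == "paste":
            if LINE_END.search(data):
                findings.append("paste contains a line terminator: it would run as soon as it is inserted")
            if b"\x1b" in data:
                findings.append("paste contains an escape sequence")
        elif i > 0 and LINE_END.search(data):
            # Keystrokes that submit the line, arriving in the same read right after a paste,
            # are exactly what an end marker hidden inside the pasted data would produce.
            findings.append("line terminator right after a paste: possible terminator injection")
    return findings


def neutralize(body: bytes) -> bytes:
    """Render a paste body inert for display: each control byte becomes caret notation."""
    return CONTROL.sub(lambda m: b"^" + bytes([m.group(0)[0] ^ 0x40]), body)
```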
gigatexal 17 days ago [-]
Whatever you all do please continue the fight. I love love love the ergonomics of the terminal. It feels like a super power for me and is crucial to my work flow. If someone told my CTO that terminals are an attack vector they might do something silly and ban them — might sound crazy but management has done crazier things.
aumerle 17 days ago [-]
So if I am to understand your proposal more concretely it is something like implement an escape code that the shell can use to turn off all other escape codes (presumably with some kind of listing mechanism) and then have the shell do that before launching any third party script/program/function? How would the shell know which escape codes the program it is running needs?
I can, kind of, see the utility of a pledge() type system within a single program, but in a shell, whose whole job is basically running programs it knows nothing about beyond their name? How would that work?
mitchellh 17 days ago [-]
Sorry to be a broken record but I have no “proposal” whatsoever. It’s more of an information sharing and seeking discussion. I don’t know what I want yet except that I think we can do better. The end result could be that it’s all a terrible idea and that’s okay, but hopefully something comes out of it eventually.
I'd love to continue this discussion, but I think HN threads probably aren’t the right medium. If you’d like I can email you or we can schedule a call. I’m not trying to seek privacy, I’d be happy for any of it to be recorded or shared publicly, I just don’t find HN to be a good place if you really want to dive into this!
aumerle 17 days ago [-]
Of course, I didn't mean to put you in a spot. We can always continue this later once your thoughts have matured. Sadly I have an extremely full schedule so I don't think I have the bandwidth to noodle on this at this stage but if and when you have something more concrete please do post it somewhere public and I will try to contribute to the discussion.
moderation 17 days ago [-]
But strangely have a lot of time to post here
sevg 17 days ago [-]
And a lot of time to post only about kitty XD
remram 17 days ago [-]
aumerle is Kovid Goyal, the author of kitty.
hitekker 16 days ago [-]
Thanks for calling this out.
I'll remember his comments as an example of how much pettiness both drives and undermines OSS.
mitchellh 17 days ago [-]
Appreciate it! <3
rockorager 16 days ago [-]
I've discussed with Mitchell a bit in the past on this, but there are a few ways to opt in to this. First, let's imagine there is some escape sequence that tells the terminal to ignore some set of escape sequences.
1. The shell could have a keybind (say, ctrl+enter) which runs the command with (for example) only styling enabled (CSI m sequences).
2. You could write a wrapper around any program to do the same. The shell doesn't need to know anything about the system, but instead you have a wrapper that disables and then reenables said sequences.
3. A program itself can opt in by turning on the feature at launch. This allows CLI / TUI developers to "safeguard" their programs from malicious attacks.
rollcat 17 days ago [-]
I really wish that 1% of the sustained effort that is currently being devoted to building terminal emulators and TUI applications was collectively redirected at researching a better future to fill this niche.
Terminal emulators and TUI applications belong with the DMG Gameboys, Commodore 64's, and DOSBoxes: as a historical curiosity and something for the enthusiasts to enjoy after hours. But we've come to rely on them almost to the point where they're being fetishised; most of us using this technology nowadays aren't even questioning its negative impact.
We need better command line / REPL environments. We need better cross-platform GUI toolkits. We need better remote access. And we need to let go of the TV teletype.
SirHumphrey 17 days ago [-]
It's an X11/systemd/ipv4 problem. People agreeing there is a problem doesn't mean that any single solution will be accepted. With terminals you have a system that works with anything from HPC-s to serial devices. An alternative would probably need to drop support for something, meaning congratulations: The number of standards increased by 1 - probably 2 by the time that people unsupported by the modern alternative decide that they too would like something new.
The current effort can at least be pointed towards something.
rollcat 16 days ago [-]
I don't think we need a new standard (the web is already a standard, and PWAs/Electron build on top of it), we simply need better incentives/trade-offs for people who would like to write portable software, but are stuck between TUI and a hard place.
I'm weirdly attracted to Tk (with Tcl or Tkinter). It's not shiny, but it's very practical.
vacuity 17 days ago [-]
I think you're both right in that we need standards, and we'll get them but with fractures, but at the same time we could try harder to reduce the incidence of fractures. Because at the end of the day this is all a social problem, and social problems can only be fixed by the society coming together.
Yes, I've been following it for a while - it's exactly the kind of research that I had on my mind. I don't necessarily agree with some of the design choices (I don't think we need a middle layer underneath VT100 emulation to make TUI apps, TUI is IMHO just terrible as a concept to begin with), but SHMIF has the mark of a battle-tested protocol, and many other concepts are very interesting.
throwaway1985s 14 days ago [-]
They treat CLIs as a subclass of TUIs. Underneath it all it is just a high-level decoupling API to replace ncurses/readline/.... The output becomes a window with a packed-text buffer format. You can mix and match graphical windows with TUI(CLI) ones in the same client.
machinestops 16 days ago [-]
I appreciate the commitment it has to backwards compatibility - the TUI apps are better by virtue of running on top of Arcan's layer, with no changes.
voxtech 16 days ago [-]
1% of the sustained effort being spent on terminal emulators would be like a third of an engineer, so I have some great news for you.
sevg 17 days ago [-]
I’m impressed with how many bugs (security and otherwise) have been fixed and new features included [0] in the 1.0.1 release, considering the first public release (1.0) was only 5 days ago.
It’s interesting how singularly passionate you are about Kitty, with almost all of your comments for the last year (or longer) being about Kitty.
Don’t you have something more interesting to do with your time than to find opportunities to say: nah Kitty is better ;)
I was just finding something to be impressed about, considering it has only just gone public and open source (as opposed to a mature project with established GitHub presence and flow of contributions).
throwawaykitten 17 days ago [-]
FYI: aumerle is kitty's maintainer.
i don't know why he is talking about the project as if unaffiliated.
sevg 17 days ago [-]
Oh boy, that actually explains a lot! And this whole time he was accusing me of being insincere XD
Also explains why he suddenly had no time to talk further when ghostty’s author offered to have a call elsewhere in this thread. Just here to advertise his terminal.
I must say, I quite like how ghostty’s author has conducted himself. Might give ghostty a try once it’s packaged for my distro and first few rounds of bugfixes are in.
saagarjha 17 days ago [-]
Like, this is Kovid? This has to be a violation of the site guidelines.
For what it's worth I have reached out to 'dang about this because I think it is completely unacceptable to do this on the site.
sevg 15 days ago [-]
Would be interested to know the outcome later :)
saagarjha 14 days ago [-]
The account has been banned.
sevg 13 days ago [-]
Thanks for raising the issue with dang, and for the update!
fmajid 17 days ago [-]
Like Julius Caesar, who used to write about himself in the third person laudative demonstrative ("ille")?
aumerle 17 days ago [-]
Yup kitty revolutionized my terminal experience, hence the passion. I am sorry but since you seem to be passionate enough about ghostty to try to shill it in an article about a security vulnerability in it, I don't think you have a leg to stand on when it comes to complaining about my posts.
If you want to claim that ghostty is developed very rapidly it behoves you to do a little research and compare it against its peers before making that claim.
sevg 17 days ago [-]
What a strange reply.
Kitty has been my terminal for years. I haven’t even used ghostty. I’m not shilling anything. Good grief. Try looking in a mirror.
I was making a good faith comment just adding something positive. No need to turn it into a war. It’s strange (and just wrong) that you think I need to review the development velocity of all other projects before being impressed by something. Actually, no. To be impressed by the rainbow outside my window, I need not have seen and reviewed all other rainbows.
aumerle 17 days ago [-]
[flagged]
sevg 17 days ago [-]
Implying I’m a liar is a silly cheap shot.
I’ve made zero HN comments about Firefox, Thunderbird and Blender. But I must be lying when I say I use those every day.
You seem to have interpreted my original comment as a declaration of ghostty’s superiority. It wasn’t. Not every positive comment about a piece of software must also be interpreted as an attack on another piece of software, such that you have to come to its defence.
Though perhaps you will tell me I’m forbidden from being impressed by any terminal other than Kitty, and certainly not God-forbid actually share that thought on HN!
aumerle 17 days ago [-]
[flagged]
sevg 17 days ago [-]
It’s actually possible to make a positive comment about something and for it to be sincere. These are not mutually exclusive.
Though it seems if there’s a positive comment about a terminal that you don’t personally think deserves it, the commenter must be a shill.
Honestly quite bizarre how this sub-thread has turned out. What I thought was an innocent comment, you’ve turned into ghostty vs kitty. Not everything has to be turned into Vim vs Emacs, systemd vs anti-systemd, or which is objectively the best terminal. It’s possible to be impressed with ghostty’s release velocity without it being a judgment about Kitty or any other terminal or software project. But alas, in order to make a positive comment about ghostty, I must have already had a proven history of making positive comments about other terminals ;)
aumerle 17 days ago [-]
[flagged]
sevg 17 days ago [-]
Personal attack? I just said it was interesting you mostly only comment about Kitty. Which is factually true. (It’s also not a criticism to be singularly passionate about something.) I’m often curious about people’s previous comments, it’s not some decision I made to research your comment history.
I make one, single, lone comment about ghostty. You regularly (almost exclusively) seize opportunities to talk about Kitty, especially in threads that are about other terminals. And I’m the shill? Ok.
You’ve also successfully set the goalposts up such that, even if I did have something to prove to you (which I don’t), I can’t prove anything anyway! It’s impossible to prove what terminal I use or don’t use. And impossible to go back and change my comment history. So, well played I guess ;)
aumerle 17 days ago [-]
[flagged]
sevg 17 days ago [-]
> To wit, ghostty does not actually have a fast release velocity compared to its peers.
Sigh. I’ll explain again but seems like you don’t want to listen either ;)
My original comment didn’t have to spark a comparison war.
If I walk past a new flower shop in my village and remark at how beautiful the roses look, it isn’t criticizing all other flower shops and or saying this one has the best roses. Maybe I even already know a shop with better roses. It’s just a comment, not a declaration of superiority. It actually doesn’t matter if another shop sells better roses, it doesn’t make the initial comment wrong, worthless and worth shooting down.
Now let’s say 5 days after the shop opens, they leave the doors and till unlocked and the local news posts an article about it on the front page. The shop owner reacts quickly to improve security.
A little embarrassing perhaps. So seeing this, I think to say something encouraging instead of piling on negativity, because new businesses can be good for people but also face a lot of challenges.
Basically, something called empathy :)
aumerle 17 days ago [-]
[flagged]
sevg 17 days ago [-]
> And I didn't feel the need to resort to personally attacking you to try to make my point. Something you should learn from.
Coming from the person repeatedly calling me a shill and a liar? Don’t make me laugh!
It seems you still don’t get it. You are the one that has turned this into ghostty vs kitty, not me. I suspect you understand the flower shop analogy but are just ignoring it because it doesn’t help your argument. At no point have I said that ghostty is better than kitty ;) I’m still using kitty as we speak, so my usual flower shop hasn’t changed.
It’s kind of sad that you are so upset that someone on the internet could possibly be impressed with ghostty’s 1.0.1 release notes. I have little interest in your take on it, because it is needlessly trolling on an innocent comment.
Possibly you should take note from the downvotes and flags on your comments here. No doubt you will blame the army of ghostty shills who have organised themselves into a globally coordinated voting ring. As for me, I take it as a signal that what you have to say on this thread isn’t particularly interesting or worth replying to.
aumerle 17 days ago [-]
[flagged]
sevg 17 days ago [-]
> to refute yours
Oh boy, you still don’t get it! The fact you saw it as something that needed refuting really says a lot more about you than anything else. It’s actually ok to let positive comments about other terminals go unrefuted and just get on with your life ;) But seemingly you can’t let it go.
By the way, nobody is choosing ghostty over kitty just because of the release notes for 1.0.1, so no need to fret! If I was shilling I’d have picked something more persuasive ;)
For anyone else following this disaster of a subthread, I’ve now realised “aumerle” is actually Kovid Goyal, the undisclaimed author of Kitty.
If I had to speculate, seems he’s just on edge that there’s a new kid on the block gaining popularity. A story as old as time!
aumerle 17 days ago [-]
[flagged]
sevg 17 days ago [-]
> Still waiting for you to admit you were wrong in the first place.
It’s actually incredible you still don’t see. It’s impossible for my comment to be wrong, because I get to decide what I’m impressed by. Just because you wrote a terminal, doesn’t mean you suddenly have authority to tell others what they should or shouldn’t be impressed by. You have no such authority :) If I’d claimed that ghostty’s release velocity is better than kitty’s (or vice versa), then you’d have a point. But I didn’t ;)
> You have provided increasingly desperate personal attacks.
Actually, I haven’t. I also don’t have skin in the game and have no reason to be desperate. I haven’t devoted a significant amount of my time to writing a terminal, for example. And I don’t even use ghostty (yet).
Downvotes on your comments are still ticking up, as are upvotes on mine. I know it’s not kosher to talk about votes, but I don’t know what other signal you need to maybe take a break for a bit and calm down :)
aumerle 17 days ago [-]
[flagged]
sevg 16 days ago [-]
> "It's impossible for me to be wrong" that right there tells us all we need to know about you.
Actually, it doesn’t, as it’s very clear you still don’t understand what I’m saying XD
If I was comparing ghostty to kitty, I can obviously be wrong. But I was just saying I’m impressed, which literally can’t be wrong unless I’m lying about being impressed.
It’s like if I look across a lake and say “what a lovely view”. And someone comes by and says “no there’s a much better one where I was standing, you should take back what you said or provide evidence to your claim”. Don’t you see how silly this is ;)
> Do you actually believe ghostty has a development velocity faster than its peers, specifically, kitty and WezTerm? Yes or no.
You said you didn’t give a “rat’s ass” about my opinion ;)
This is where you’ve gone wrong. I don’t know or care whether ghostty has a development velocity faster than kitty. I didn’t say it did. Nobody in this sub-thread has said anything (good or bad) about kitty. The only person interested in ghostty vs kitty in this sub-thread is you.
So the question you’re demanding that I answer is like demanding I prove that the view I was impressed with across the lake is better than the view you had. When it really doesn’t matter which view was better. It’s possible to be impressed by something in isolation, without it being turned into a competition.
I’m not answering your question because I have no part to play in the 1-person argument you’re having with yourself about whose development velocity is faster, when nobody was making the comparison to begin with (except you).
I feel like I’m wasting my breath though, but at least I can say I tried! And I suspect HN comment depth limits may kick in soon. So I’ll bow out now and give you the pleasure of the last word, since you certainly seem to need it more than me ;)
aumerle 16 days ago [-]
[flagged]
voxtech 16 days ago [-]
Why would it need to be faster than its peers to be impressive? That implies that a person can only be impressed by one thing in any given category.
sevg 16 days ago [-]
I see you can’t answer voxtech’s question, because your entire position would crumble to dust ;)
I hope you’ve had a chance to reflect and learn from this. Your responses and logical reasoning here have only made you look foolish. HN seems to agree, though people have actually done you a favor by flagging ~8 of your comments to death!
mitchellh 17 days ago [-]
Kitty is a great terminal and Kovid does excellent work. I have a ton of respect for him. Ghostty (disclaimer: I’m the creator) could also be and I appreciate anyone who thinks so. There doesn’t have to be a winner/loser mentality!
The big picture is to get more people to use the terminal more for cases it’s good for. Infighting amongst people who already like terminals is counter productive, in my opinion.
throwawaykitten 17 days ago [-]
it's good practice to note when you're the maintainer :)
still if you insist on direct comparison, ghostty addressed 5x as many issues in half the time
rurban 17 days ago [-]
Actually usable now, or still entirely insecure?
wunderwuzzi23 16 days ago [-]
An important new attack vector is actually CLI LLM applications.
During prompt injection an attacker can cause such ANSI escape codes to be emitted!
Check out this post to learn more about Terminal DiLLMa and how to mitigate it:
It is worth mentioning my prior report on Bugtraq from 1999 [1], which predates that Bugtraq 2003 report. I recall there were earlier reports elsewhere, though I'm uncertain if I made my exploit publicly available. What stood out about this type of exploit was that it could be triggered simply by a banner in FTP/Telnet/SSH.
This is fascinating. I was just playing around with this pretty printing library in .net and I wondered how security critical such a thing was, and whether or not it could be trusted.
[0]: https://ghostty.org/docs/install/release-notes/1-0-1
In case someone didn't know, the infamous Calibre bug report: https://bugs.launchpad.net/calibre/+bug/885027
Don’t you have something more interesting to do with your time than to find opportunities to say: nah Kitty is better ;)
I was just finding something to be impressed about, considering it has only just gone public and open source (as opposed to a mature project with established GitHub presence and flow of contributions).
I don't know why he is talking about the project as if unaffiliated.
Also explains why he suddenly had no time to talk further when ghostty’s author offered to have a call elsewhere in this thread. Just here to advertise his terminal.
I must say, I quite like how ghostty’s author has conducted himself. Might give ghostty a try once it’s packaged for my distro and first few rounds of bugfixes are in.
If you want to claim that ghostty is developed very rapidly it behoves you to do a little research and compare it against its peers before making that claim.
Kitty has been my terminal for years. I haven’t even used ghostty. I’m not shilling anything. Good grief. Try looking in a mirror.
I was making a good faith comment just adding something positive. No need to turn it into a war. It’s strange (and just wrong) that you think I need to review the development velocity of all other projects before being impressed by something. Actually, no. To be impressed by the rainbow outside my window, I need not have seen and reviewed all other rainbows.
I’ve made zero HN comments about Firefox, Thunderbird and Blender. But I must be lying when I say I use those every day.
You seem to have interpreted my original comment as a declaration of ghostty’s superiority. It wasn’t. Not every positive comment about a piece of software must also be interpreted as an attack on another piece of software, such that you have to come to its defence.
Though perhaps you will tell me I’m forbidden from being impressed by any terminal other than Kitty, and certainly not God-forbid actually share that thought on HN!
Though it seems if there’s a positive comment about a terminal that you don’t personally think deserves it, the commenter must be a shill.
Honestly quite bizarre how this sub-thread has turned out. What I thought was an innocent comment, you’ve turned into ghostty vs kitty. Not everything has to be turned into Vim vs Emacs, systemd vs anti-systemd, or which is objectively the best terminal. It’s possible to be impressed with ghostty’s release velocity without it being a judgment about Kitty or any other terminal or software project. But alas, in order to make a positive comment about ghostty, I must have already had a proven history of making positive comments about other terminals ;)
I make one, single, lone comment about ghostty. You regularly (almost exclusively) seize opportunities to talk about Kitty, especially in threads that are about other terminals. And I’m the shill? Ok.
You’ve also successfully set the goalposts up such that, even if I did have something to prove to you (which I don’t), I can’t prove anything anyway! It’s impossible to prove what terminal I use or don’t use. And impossible to go back and change my comment history. So, well played I guess ;)
Sigh. I’ll explain again but seems like you don’t want to listen either ;)
My original comment didn’t have to spark a comparison war.
If I walk past a new flower shop in my village and remark at how beautiful the roses look, it isn't criticizing all other flower shops or saying this one has the best roses. Maybe I even already know a shop with better roses. It's just a comment, not a declaration of superiority. It actually doesn't matter if another shop sells better roses; it doesn't make the initial comment wrong, worthless and worth shooting down.
Now let’s say 5 days after the shop opens, they leave the doors and till unlocked and the local news posts an article about it on the front page. The shop owner reacts quickly to improve security.
A little embarrassing perhaps. So seeing this, I think to say something encouraging instead of piling on negativity, because new businesses can be good for people but also face a lot of challenges.
Basically, something called empathy :)
Coming from the person repeatedly calling me a shill and a liar? Don’t make me laugh!
It seems you still don’t get it. You are the one that has turned this into ghostty vs kitty, not me. I suspect you understand the flower shop analogy but are just ignoring it because it doesn’t help your argument. At no point have I said that ghostty is better than kitty ;) I’m still using kitty as we speak, so my usual flower shop hasn’t changed.
It’s kind of sad that you are so upset that someone on the internet could possibly be impressed with ghostty’s 1.0.1 release notes. I have little interest in your take on it, because it is needlessly trolling on an innocent comment.
Possibly you should take note from the downvotes and flags on your comments here. No doubt you will blame the army of ghostty shills who have organised themselves into a globally coordinated voting ring. As for me, I take it as a signal that what you have to say on this thread isn’t particularly interesting or worth replying to.
Oh boy, you still don’t get it! The fact you saw it as something that needed refuting really says a lot more about you than anything else. It’s actually ok to let positive comments about other terminals go unrefuted and just get on with your life ;) But seemingly you can’t let it go.
By the way, nobody is choosing ghostty over kitty just because of the release notes for 1.0.1, so no need to fret! If I was shilling I’d have picked something more persuasive ;)
For anyone else following this disaster of a subthread, I’ve now realised “aumerle” is actually Kovid Goyal, the undisclaimed author of Kitty.
If I had to speculate, seems he’s just on edge that there’s a new kid on the block gaining popularity. A story as old as time!
It’s actually incredible you still don’t see. It’s impossible for my comment to be wrong, because I get to decide what I’m impressed by. Just because you wrote a terminal, doesn’t mean you suddenly have authority to tell others what they should or shouldn’t be impressed by. You have no such authority :) If I’d claimed that ghostty’s release velocity is better than kitty’s (or vice versa), then you’d have a point. But I didn’t ;)
> You have provided increasingly desperate personal attacks.
Actually, I haven’t. I also don’t have skin in the game and have no reason to be desperate. I haven’t devoted a significant amount of my time to writing a terminal, for example. And I don’t even use ghostty (yet).
Downvotes on your comments are still ticking up, as are upvotes on mine. I know it’s not kosher to talk about votes, but I don’t know what other signal you need to maybe take a break for a bit and calm down :)
Actually, it doesn’t, as it’s very clear you still don’t understand what I’m saying XD
If I was comparing ghostty to kitty, I can obviously be wrong. But I was just saying I’m impressed, which literally can’t be wrong unless I’m lying about being impressed.
It’s like if I look across a lake and say “what a lovely view”. And someone comes by and says “no there’s a much better one where I was standing, you should take back what you said or provide evidence to your claim”. Don’t you see how silly this is ;)
> Do you actually believe ghostty has a development velocity faster than its peers, specifically, kitty and WezTerm? Yes or no.
You said you didn’t give a “rat’s ass” about my opinion ;)
This is where you've gone wrong. I don't know or care whether ghostty has a development velocity faster than kitty. I didn't say it did. Nobody in this sub-thread has said anything (good or bad) about kitty. The only person interested in ghostty vs kitty in this sub-thread is you.
So the question you’re demanding that I answer is like demanding I prove that the view I was impressed with across the lake is better than the view you had. When it really doesn’t matter which view was better. It’s possible to be impressed by something in isolation, without it being turned into a competition.
I’m not answering your question because I have no part to play in the 1-person argument you’re having with yourself about whose development velocity is faster, when nobody was making the comparison to begin with (except you).
I feel like I’m wasting my breath though, but at least I can say I tried! And I suspect HN comment depth limits may kick in soon. So I’ll bow out now and give you the pleasure of the last word, since you certainly seem to need it more than me ;)
I hope you've had a chance to reflect and learn from this. Your responses and logical reasoning here have only made you look foolish. HN seems to agree, though people have actually done you a favor by flagging ~8 of your comments to death!
The big picture is to get more people to use the terminal more for cases it’s good for. Infighting amongst people who already like terminals is counter productive, in my opinion.
Still, if you insist on direct comparison, ghostty addressed 5x as many issues in half the time.
During prompt injection, an attacker can cause such ANSI escape codes to be emitted!
Check out this post to learn more about Terminal DiLLMa and how to mitigate it:
https://embracethered.com/blog/posts/2024/terminal-dillmas-p...
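As an added example for this thread (not code from Ghostty, Kitty, or the linked post): the "styling only" mode proposed earlier in the thread (run a command, via a shell keybind or a wrapper, with only CSI m sequences enabled) and the Terminal DiLLMa mitigation for prompt-injected escape codes come down to the same filter, an allowlist that passes printable text and SGR through and drops every other sequence while reporting what it dropped. The policy choices here (SGR only, with \n, \r and \t as the only permitted C0 controls; a 64-character cap on SGR parameters; 8-bit C1 introducers folded into their 7-bit forms; control strings swallowed up to BEL or ST) are this example's assumptions, not anything a terminal or the linked post specifies.

```python
"""Allowlist filter for terminal output: pass printable text, newlines and SGR
styling (CSI ... m) through, drop every other escape sequence and report it.
Added example for this thread; it is not code from Ghostty, Kitty or any other
terminal. The policy (SGR only, a few C0 controls) is an assumption here."""
import re

ESC = "\x1b"
# 8-bit C1 introducers that mean the same as their 7-bit ESC-prefixed forms.
C1_TO_7BIT = {
    "\x9b": "[",   # CSI
    "\x9d": "]",   # OSC
    "\x90": "P",   # DCS
    "\x98": "X",   # SOS
    "\x9e": "^",   # PM
    "\x9f": "_",   # APC
    "\x9c": "\\",  # ST
}
# Control strings run until BEL or ST (ESC \); this policy drops all of them.
STRING_KINDS = {"]": "osc", "P": "dcs", "X": "sos", "^": "pm", "_": "apc"}
ALLOWED_C0 = {"\n", "\r", "\t"}
SGR_PARAMS = re.compile(r"^[0-9;:]{0,64}$")   # no private markers such as '?'


def _normalize_c1(text):
    """Rewrite 8-bit C1 introducers to 7-bit form, drop any other C1 char."""
    for c1, seven in C1_TO_7BIT.items():
        text = text.replace(c1, ESC + seven)
    return re.sub(r"[\x80-\x9f]", "", text)


def _parse_csi(text, i):
    """text[i] follows 'ESC ['. Return (params, intermediates, final, next_i)
    using the ECMA-48 byte classes, or None if the sequence never terminates."""
    j = i
    while j < len(text) and 0x30 <= ord(text[j]) <= 0x3F:   # parameter bytes
        j += 1
    k = j
    while k < len(text) and 0x20 <= ord(text[k]) <= 0x2F:   # intermediates
        k += 1
    if k < len(text) and 0x40 <= ord(text[k]) <= 0x7E:      # final byte
        return text[i:j], text[j:k], text[k], k + 1
    return None


def _string_end(text, i):
    """Index just past the BEL or ESC \\ that ends a control string (or EOF)."""
    j = i
    while j < len(text):
        if text[j] == "\x07":
            return j + 1
        if text[j] == ESC and j + 1 < len(text) and text[j + 1] == "\\":
            return j + 2
        j += 1
    return len(text)  # unterminated: the rest of the input was the string


def filter_to_sgr(text):
    """Return (clean, dropped). clean keeps text and SGR sequences only;
    dropped lists (kind, raw_sequence) for everything that was removed."""
    text = _normalize_c1(text)
    out, dropped = [], []
    i, n = 0, len(text)
    while i < n:
        c = text[i]
        if c != ESC:
            if (ord(c) < 0x20 and c not in ALLOWED_C0) or c == "\x7f":
                dropped.append(("c0", c))       # BEL, BS, FF, DEL, ...
            else:
                out.append(c)
            i += 1
            continue
        if i + 1 >= n:                          # lone ESC at end of input
            dropped.append(("esc", c))
            i += 1
            continue
        kind = text[i + 1]
        if kind == "[":
            parsed = _parse_csi(text, i + 2)
            if parsed is None:                  # unterminated CSI: swallow to EOF
                dropped.append(("csi", text[i:]))
                break
            params, inter, final, nxt = parsed
            if final == "m" and inter == "" and SGR_PARAMS.match(params):
                out.append(ESC + "[" + params + "m")   # re-emit in 7-bit form
            else:                               # cursor moves, DECCOLM, DECSET...
                dropped.append(("csi", text[i:nxt]))
            i = nxt
        elif kind in STRING_KINDS:              # OSC (incl. OSC 8 links), DCS, APC...
            nxt = _string_end(text, i + 2)
            dropped.append((STRING_KINDS[kind], text[i:nxt]))
            i = nxt
        else:                                   # ESC c, ESC 7, ESC ( B, ... : drop
            j = i + 1
            while j < n and 0x20 <= ord(text[j]) <= 0x2F:
                j += 1
            if j < n and 0x30 <= ord(text[j]) <= 0x7E:
                j += 1
            dropped.append(("esc", text[i:j]))
            i = j
    return "".join(out), dropped


def has_unsafe_sequences(text):
    """True if the text carries anything a 'styling only' mode would not accept."""
    return bool(filter_to_sgr(text)[1])


if __name__ == "__main__":
    import sys
    # Wrapper mode: sanitize stdin to stdout, report what was dropped on stderr.
    clean, dropped = filter_to_sgr(sys.stdin.read())
    sys.stdout.write(clean)
    for kind, raw in dropped:
        sys.stderr.write(f"dropped {kind}: {raw!r}\n")
```

Used as a wrapper (`some-command | python3 filter.py`) it gives the "only styling enabled" behaviour from the shell-keybind idea without the shell or the terminal knowing anything; called as `has_unsafe_sequences(llm_output)` it is the check to run before echoing model output to a terminal. It works on decoded text, so decode bytes as UTF-8 first rather than feeding it raw bytes, otherwise the C1 folding would mangle multi-byte characters; and note that dropping unterminated control strings to end of input is deliberate, since a truncated OSC or APC is exactly the shape an attacker uses to swallow what follows.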
[1] "Kvt bug": <https://seclists.org/bugtraq/1999/Sep/432>
https://spectreconsole.net/
Things like this make me a little more cautious about standard out in general! More research to do.