[xnx]

> This consolidates JPEG XL’s position as the best image codec currently available, for both lossless and lossy compression, across the quality range but in particular for high quality to visually lossless quality. It is Pareto-optimal across a wide range of speed settings.

Wow. Nice. Big improvement if JPEG and PNG can be replaced by one codec.

[lambdaone]

And even better if someone can implement the whole massive spec securely...

[JyrkiAlakuijala]

Disclaimer: As a manager I led the JPEG XL design, implementation and standardization effort at Google, and as an IC I was responsible for lossy format, encoding heuristics and image quality.

JPEG XL is not that massive.

JPEG XL spec is slightly less than 100 pages, about half the size of the JPEG1 spec.

A simple implementation in j40 was around 7000 lines of code last time I looked, not sure if it is 100 % complete however.

A simple encoder at libjxl-tiny is of similar size and very attractive to be used for expressing similar coding decisions in hardware intended for digital cameras.

A complex speed optimized C++ decoder implementation is ~35000 lines of code, but much of it is not due to the spec, but getting most out of SIMD-powered multi-core computers.

The binary size increase in Chromium on arm for adding (in the past) the C++ decoder was around 200 kB in APK size, possibly around 0.1 %.

[fsflover]

This is probably impossible and also not needed. Choose security through compartmentalization (instead of security through correctness that never works), if you really care about security.

Works for me with Qubes OS.

[itintheory]

Do you daily drive Qubes? I'd be curious to hear about your experiences. I've been following the project from the sidelines for years, but haven't taken the leap.

[eptcyka]

Do you hate GPU acceleration? Do you hate using most hardware? Do you like using Xorg? Then Qubes is for you.

This is in jest, but those are my pain points - the AMD thinkpad I have can't run it, the Intel one melts yubikeys when decoding h264 video. The default lock screen can't read capital letters from the yubikeys static password entry. Qubes has a certain user that it caters to, I really wish they could get enough money to be able to cater to more use cases. It is not difficult to use it if it works for you.

[fsflover]

GPU acceleration is coming: https://github.com/QubesOS/qubes-issues/issues/8552

> Do you hate using most hardware?

Nobody uses "most hardware". You may be unlucky with your hardware, then it's a problem. Or you can specifically buy hardware working with the OS you want.

> Do you like using Xorg?

What's wrong with Xorg?

[eptcyka]

> What's wrong with Xorg?

Lock screens that crash. Lock screens that can’t handle input from a yubikey?

[fsflover]

Yes, I daily drive Qubes. It's an amazing feeling to feel in full control over your computing and not being afraid to open any links or attachments. Here is my Qubes OS Elevator Pitch: https://forum.qubes-os.org/t/how-to-pitch-qubes-os/4499/15

It's slow for tasks requiring GPU, but allowing GPU for chosen, trusted VMs is planned: https://github.com/QubesOS/qubes-issues/issues/8552

[JCattheATM]

Just FYI, there are some people that vastly exaggerate the security it provides. For the most part, you're just as safe using flatpak versions of applications.

[fsflover]

When was the last Flatpak escape? Last VM escape from VT-d virtualization, which Qubes uses by default, was found in 2006 by the Qubes founder, https://en.wikipedia.org/wiki/Blue_Pill_(software)

[JCattheATM]

The most recent VM escape from VT-d virtualization was in 2022[0].

Escapes are not the only vulnerability. QSB-108 allows for reading the memory of other qubes running on the host[1].

[0] https://nvd.nist.gov/vuln/detail/CVE-2020-15565

[1] https://www.qubes-os.org/news/2025/07/11/qsb-108/

[lern_too_spel]

Qubes doesn't compartmentalize the image decoder in a web browser from the rest of the renderer, and if you're serving tracking pixels and can exploit image decoding, you can make serious mischief.

[fsflover]

If you use Qubes correctly, then VM in which you go to untrusted websites is disposable and contains no personal information, so there is no mischief to make.

[lern_too_spel]

The web page you are visiting contains personal information, and that is where the mischief can be made. All that is required is for the website to incorrectly trust an image, either by not sanitizing a user-uploaded image or by embedding a third party image. Both trust bugs are rampant on the web, and both have caused problems in the past. Adding an improperly vetted image decoder is a sure-fire way to get exploit authors salivating.

[fsflover]

> The web page you are visiting contains personal information, and that is where the mischief can be made.

This is a weird threat model. You trust some website with your personal information but you don't trust that images they embed are trusted and will not attack you. Nothing will save you here except switching off showing pictures, which you can also do on Qubes.

I would say, if they really embed malicious images, then they probably have other problems with security, which nothing you run can help with.

[adgjlsfhk1]

The part I'm more excited for is all the image-like/bundle of image like data that until Jpeg-xl didn't have any good codecs (usually implemented as folders of images). One clear example of this is PBR in blender and friends. (e.g. a combo of normal map, roughness, color, metalness etc)

[aktau]

This is new to me. Can you elaborate please? Perhaps a link to somewhere showcasing this (and contrasting this to other solutions).

[adgjlsfhk1]

See https://devtalk.blender.org/t/jpeg-xl-as-an-intermediate-for.... TLDR is that one of the really interesting things JPEG-XL adds is the ability to have an arbitrary number of non-color channels. The current solution is generally to use separate grayscale images for each extra thing you want to store, which is inefficient since it loses the ability to compress the correlation between the separate channels. Another example usecase would be capturing images at 10 different wavelengths rather than the typical RGB.

[hulitu]

> Big improvement if JPEG and PNG can be replaced by one codec.

By one ? Ten maybe: webp, avif, ...