On Tue, 16 Jun 2026 01:34:06 +0200 John Paul Adrian Glaubitz wrote: > On Mon, 2026-06-15 at 15:29 -0700, Jakub Kicinski wrote: > > This tiny series moves appletalk out of tree, to: > > > > https://github.com/linux-netdev/mod-orphan > > > > Core maintainainers are unable to keep up with the rate of security > > bug reports and fixes. Nobody seems to care about appletalk enough > > to review the patches. > > Why would fixing these vulnerabilities be relevant? No one is going to > expose an Apple Talk server to an untrusted network, are they? The same > applies to hamradio and AX.25, they are all used by hobbyists in DMZ > networks, so no one really cares about vulnerabilities in these protocols. > > I find it sad that AI tools are basically used to shoot at the kernel > to kill off features as some people are apparently getting scared by > these AI reports and just nuke everything in a panic reaction as if it > wouldn't just be possible to disable these protocols at compile time > to reduce the attack surface. > > > As Eric pointed out Mac OS dropped AppleTalk over a decade ago. > > That's not the point though. No one is going to use AppleTalk to network > a Linux box to a modern macOS machine. The usefulness lies in hooking up > a Linux box to a vintage Mac or other retro computer. > > So far, one of the huge advantages of open source operating systems has > always been that even niche use cases were supported and people could make > use of old hardware by using open source operating systems over commercial > offerings such as Windows or macOS. > > With the advent of AI security reports, these niche use cases are more and > more being killed off with the argument that a vulnerability in the harmradio > code could pose a threat to a large SAP database running on a Linux enterprise > distribution. However, if your enterprise distribution is enabling kernel > features their customers aren't using and therefore enlarging the attack > surface, > it's more a problem of said enterprise distribution and not of these old and > obscure network protocols. > > I am trying my best to save as many classic features in the kernel as possible > to enable retro computing but I am sometimes fearing that commercial interest > in the kernel is taking over too much making my efforts harder every day.
We can complain about the AI slop til the cows comes home. I don't like it, you don't like it. What difference does it make? If y'all have real solutions please share. Complaining about "commercial interests" and "nuk[ing] everything in a panic reaction" is not helpful.
