Comments I've seen on LWN mostly report that all the modern amateur radio tools work entirely in userspace with generic device drivers and don't need any specialized kernel drivers at all.
Yes. Linux code has been unpleasant for a long time.
LLMs are just industrializing the process, generating bad code at an unmanageable volume, while the companies behind them are working hard to enshittify any form of intellectual work and shit on (sorry, disrupt) society.
There's a reason that sentiment is rapidly getting more negative around AI as people get more exposed to it, especially outside the tech industry.
We are not building towards a pleasant future. We are making the world worse for people.
We are not building towards a pleasant future. We are making the world worse for people.
Tbh i feel like a lot of "the web tech industry", which is where i have worked and made dollars for nearly two decades, hinges heavily on snake-oil-salesmanship of things that say they'll make your life better when in fact it's really just not that good, if not quite worse in subtle ways. (I'd like to add, a posteriori, that while this appears anecdotally true of the stuff within my immediate field of view, I don't know that it's not true elsewhere (and my observation remains anecdotal, but i'm fast developing an allergy to new webshits that promise me a glorious future free of whatever toil this specific thing pretends it's fixing))
Yes, whether the tech industry has made life better for people has been ambiguous for a very long time. I think more recently, the newly found focus is removing ambiguity very effectively.
I still have a couple of PCMCIA wifi cards (from around 2008) that I plan on using in a rebuild of a Compaq Armada E500 laptop that I have lying around.
Thought a lot about since I first heard about this. At my university computer club there was a project to keep ancient hardware running forever, and there was commercial interest in it. Companies used it for CI for some specific hard to replace hardware still in use. Problem was all of these systems were too insecure to run on the internet.
Point is that it's already been unviable to maintain security for the long tail of hardware that has low or no commercial value. And I think this is the right move regardless of LLMs. We need a better structure than a monorepo for all drivers ever used over the last 4 decades. We need a tiered structure with different guarantees, hopefully with well defined ABIs so we can keep compiling extra, insecure modules that we need for obscure systems.
If we are now fabulously able to proactively find and fix vulns, shouldn't we be living in a golden age of security? What's with all the dark ages crap happening?
Even if they did provide patches along with the reports, reviewing them still creates a burden on the maintainers[0] for negligible benefit.
[0] I was gonna say to make sure there's no deliberate vulns being added, but that does not make sense in this context because a) if they're adding vulns there'd be no point in fixing others in the first place and b) vulns in a driver no one uses can't be exploited. Review still takes time though, and patching code without having the hardware to test it is likely to break shit
Technically, yes. But it would be a good way to sneak in a vulnerability: create a patch that ‘fixes’ a bug in a driver no one uses, which requires a small change in generic code (with a nice long comment explaining plausibly why it’s necessary) that introduces the real vulnerability that you’re going to exploit. And I bet LLMs are really good at helping with this, they’re great at producing code that looks entirely plausible.
We are similarly cutting out code we no longer want to support with a bit more urgency. Honestly, this is a net positive effect for us, because it lowers the technical debt in general (e.g., not having to update code that people don't actually use, reducing the test surface, etc.).
We have gotten a lot of BS LLM reports in the meantime, though, which has done a great job of highlighting stuff to delete.
I think dropping those drivers is extremely reasonable and a very pragmatic solution. If someone still needs to use those drivers, they're probably running on an old machine and can use an old version of Linux.
I remember when 3Com LAN cards were the go-to for Linux support. We had a box of old 3Com cards in the office so we could quickly set up pretty much any desktop or server machine with Linux.
somasis | 14 hours ago
damn, I was interested in messing with the ax25 driver when I first heard there was some amateur radio stuff in the kernel 😔
riking | 9 hours ago
Comments I've seen on LWN mostly report that all the modern amateur radio tools work entirely in userspace with generic device drivers and don't need any specialized kernel drivers at all.
dpc_pw | 18 hours ago
LLMs proving that before LLMs people also were writing crappy code.
orib | 16 hours ago
Yes. Linux code has been unpleasant for a long time.
LLMs are just industrializing the process, generating bad code at an unmanageable volume, while the companies behind them are working hard to enshittify any form of intellectual work and shit on (sorry, disrupt) society.
There's a reason that sentiment is rapidly getting more negative around AI as people get more exposed to it, especially outside the tech industry.
We are not building towards a pleasant future. We are making the world worse for people.
o5r | 14 hours ago
Tbh i feel like a lot of "the web tech industry", which is where i have worked and made dollars for nearly two decades, hinges heavily on snake-oil-salesmanship of things that say they'll make your life better when in fact it's really just not that good, if not quite worse in subtle ways. (I'd like to add, a posteriori, that while this appears anecdotally true of the stuff within my immediate field of view, I don't know that it's not true elsewhere (and my observation remains anecdotal, but i'm fast developing an allergy to new webshits that promise me a glorious future free of whatever toil this specific thing pretends it's fixing))
orib | 13 hours ago
Yes, whether the tech industry has made life better for people has been ambiguous for a very long time. I think more recently, the newly found focus is removing ambiguity very effectively.
johnolinda | 12 hours ago
That hurt.
aapoalas | 8 hours ago
I still have a couple of PCMCIA wifi cards (from around 2008) that I plan on using in a rebuild of a Compaq Armada E500 laptop that I have lying around.
This may complicate matters.
cajually | 5 hours ago
Thought a lot about since I first heard about this. At my university computer club there was a project to keep ancient hardware running forever, and there was commercial interest in it. Companies used it for CI for some specific hard to replace hardware still in use. Problem was all of these systems were too insecure to run on the internet.
Point is that it's already been unviable to maintain security for the long tail of hardware that has low or no commercial value. And I think this is the right move regardless of LLMs. We need a better structure than a monorepo for all drivers ever used over the last 4 decades. We need a tiered structure with different guarantees, hopefully with well defined ABIs so we can keep compiling extra, insecure modules that we need for obscure systems.
calvin | 6 hours ago
Cards that late will be CardBus. The only pure PCMCIA WiFi cards won't be able to join modern networks, not being able to support WPA2.
conartist6 | 11 hours ago
If we are now fabulously able to proactively find and fix vulns, shouldn't we be living in a golden age of security? What's with all the dark ages crap happening?
liberty | 11 hours ago
If LLMs are the panacea people present them as they should be able to maintain those legacy drivers themselves too.
minus | 4 hours ago
Even if they did provide patches along with the reports, reviewing them still creates a burden on the maintainers[0] for negligible benefit.
[0] I was gonna say to make sure there's no deliberate vulns being added, but that does not make sense in this context because a) if they're adding vulns there'd be no point in fixing others in the first place and b) vulns in a driver no one uses can't be exploited. Review still takes time though, and patching code without having the hardware to test it is likely to break shit
david_chisnall | 4 hours ago
Technically, yes. But it would be a good way to sneak in a vulnerability: create a patch that ‘fixes’ a bug in a driver no one uses, which requires a small change in generic code (with a nice long comment explaining plausibly why it’s necessary) that introduces the real vulnerability that you’re going to exploit. And I bet LLMs are really good at helping with this, they’re great at producing code that looks entirely plausible.
Yogurt | 15 hours ago
I wonder if LLMs end up being the best argument ever for doing code cleanups
e3bc54b2 | 10 hours ago
Code cleanup is expensive. Especially for big sprawling codebases like the kernel. Doubly so for things that interact with decades old hardware.
LLMs themselves lend no hand towards this kind of cleanup, unfortunately. That asymmetry is why the idea to drop these old drivers.
addison | 13 hours ago
We are similarly cutting out code we no longer want to support with a bit more urgency. Honestly, this is a net positive effect for us, because it lowers the technical debt in general (e.g., not having to update code that people don't actually use, reducing the test surface, etc.).
We have gotten a lot of BS LLM reports in the meantime, though, which has done a great job of highlighting stuff to delete.
minus | 4 hours ago
I think dropping those drivers is extremely reasonable and a very pragmatic solution. If someone still needs to use those drivers, they're probably running on an old machine and can use an old version of Linux.
duncan_bayne | 3 hours ago
I remember when 3Com LAN cards were the go-to for Linux support. We had a box of old 3Com cards in the office so we could quickly set up pretty much any desktop or server machine with Linux.
nortti | 3 hours ago
Guess I'll need to find a replacement for the Etherlink III in syys if I want to update the kernel.
JulianWgs | an hour ago
There is also a chance that these drivers could reach zero bugs (if someone invests the time)