
No clue personally, but the author is prolific enough here that I thought it merited posting.


I go with three paths out.

1. it consumes too many system resources, so it has a net-negative impact on the system under observation

2. it's misleading and leads to false diagnoses of situations under review

3. she's under an NDA of some kind related to a CVE or some other high class risk which will come out in due course but she felt a burden to stop people being exposed to risk.

4. I can't count and there are 4, 5, 6 other reasons but these 3 are mine.


If it was 1 or 2, there would be a long Rachel-style post ranting about it and explaining exactly why.

It has to be 3.

And she knows her stuff, so I'm listening. Luckily we don't use atop.


But if it was 3, why not say "I know there is a vulnerability, but I can't share the details"?

I'm not saying it isn't 3, but if it is, it seems like there might be more to it than a run-of-the-mill CVE.

Or maybe she doesn't know of a specific vulnerability/backdoor but has some reason to be suspicious there might be.


I'll go with number 3. She didn't just say "don't run", she said "uninstall". That doesn't sound like "misleading" or "uses too much resources". It sounds very CVE-ish.


"uninstall" points at a very specific type of exploit.


Assuming it's actually necessary to uninstall.

It might just be that "uninstall" is the simplest one-word advice you can give that will definitely solve the problem.


Another xz case?


That's what it smells like but this is still a weird way to disclose something like that. I imagine some people with free afternoons are taking a stab at auditing atop's PR history right now. I'm not personally up to the task, but the fact that the top 3 contributors other than the original author are ByteDance employees might cause some to jump to conclusions.


Does atop have any legitimate need to connect to the network? I can’t think of any legitimate accidental security holes that might show up in something like atop, but then, these utilities often have funky features I don’t know about!


1) is possible, because it uses some interesting options like nice/mlockall/changing its oom score, so if the atop process went out of control your box would probably be fucked.

