Microsoft's proprietary protocol, Remote Network Driver Interface Specification (RNDIS), started with a good idea. It would enable hardware vendors to add networking support to USB devices without having to build them from scratch. There was only one little problem. RNDIS has no security to speak of.
He added, in another message, "The protocol was never designed to be used with untrusted devices. It was created, and we implemented support for it, when we trusted USB devices that we plugged into our systems, AND we trusted the systems we plugged our USB devices into."
That's no longer the case. Kroah-Hartman concluded, "Today, with untrusted hosts and devices, it's time just to retire this protocol. As I mentioned in the patch comments, Android disabled this many years ago in their devices, with no loss of functionality."
Well, that's simple enough. So, why are we still talking about it today?
What happened was that users started worrying that this would disrupt their network USB tethering support. It turns out that more people than you might think were networking via USB cellular, Ethernet, and Wi-Fi devices.
That means that while the RNDIS code is still in the Linux kernel, if you try to build Linux using this new patch, all your RNDIS drivers will be broken and won't build. This is one step short of purging RNDIS from Linux.
And, that's a problem because people use the RNDIS driver Linux laptops to USB tether off Android phones. So, according to Żenczykowski, "this will break USB tethering off of the *vast* majority of Android phones - likely including most of those currently being manufactured and sold."
So, with security concerns on one side, and interoperability concerns on another, what will happen next? Stay tuned to see if this patch is submitted into the Linux 6.7 kernel merge window and if it will make it into the next version of Linux.