I suspect that it depends on how strongly or weakly the 'bloat' is connected to other things; and what supporting them involves.

Something like not having TSC (which itself comes in several variants depending on whether it's from the era where you actually had 'a' CPU that just ran at a speed, or if it's one of the ones that tries to compensate for the complications of variable clocks and multiple cores) presumably comes up in a variety of nasty places related to the bad things that happen when things are not done in the expected order.

Just some random PCI device that nobody developing actually owns anymore is presumably at risk of unnoticed regressions; but (especially with the amount of PCI DNA that got carried over into PCIe or was used for the software-visible interface of some system on chip that skipped the cost of actually implementing a 32 bit parallel multidrop bus out to the PCB but either specifically sought compatibility or couldn't justify cooking up something custom when the peripherals they were integrating were all derivatives of PCI designs) it's not necessarily much maintenance overhead for it to just exist on a 'cool if it works for you' basis as a module that you probably don't need.

There's also the secondary matter of the fact that 'the kernel' has a limited number of people directly focused on its interests in the abstract; rather than some hardware vendor, distro, enthusiast, or hyperscaler's interests. If preserving hardware compatibility is directly contrary to the interests of supporting the major contemporary use case of fairly large 64 bit x86 servers and embedded ARM widgets (as 486 and pre-TSC 685-ish likely was) it's going to have relatively few friends among the people actually doing the work. If someone wants to maintain some weirdo HAM radio interface card that merely assumes the existence of PCI it's not clear anyone will go out of their way to help if they need to update something to cope with a change elsewhere; but it's not like the Ministry of Kernel is going to order them to go find bugs in the implementation of CXL memory because that's where the money is.

If these guys are actually treating a user agent string as an authentication mechanism I'm honestly surprised that being on the public internet hasn't already eaten them alive purely because of the supply of malicious opportunists; and I'll be even more surprised if it continues to work out for them now that they've drawn a fair amount of attention to it.

If the 'AI' guys are anything to go by; probably get increasingly elaborate with their attempts to bypass whatever rate limiting is put in place. It's honestly sort of wild seeing the hottest, most heavily capitalized, elements of 'tech' wrap around so rapidly and with so little concern toward the sort of traffic patterns you normally associate with criminals as soon as it's in their interests. At one time I would have been surprised.

There is an intermediate situation that that case arguably illustrated:

Using violence against harder targets is more of an organizational problem; and solving that problem potentially skews your candidate pool; but what's very curious(particularly for a society whose overall violence numbers are very much on the high side by developed world standards) is how safe it apparently is to be widely notorious and a fairly soft target. Thompson was just walking down the sidewalk alone at a predictable time and location. Zero precautions. Something like the Sacklers were a household name for over a decade, with strong cases for culpability in at least low 6 figures worth of deaths sprinkled across a variety of walks of life; even the ones you suspect might be risky like deer hunters with dead kids and members of criminal organizations where internecine homicide is routine, and what came of it? Nothing. Not even any 'foiled at a late stage'/'shot and missed' level stuff.

That's the genuinely puzzling bit to me: not that there's nobody going after people who take the sort of precautions that would probably require one of the old-school 80s red army faction types to deal with; but that it's apparently really safe to be widely loathed and not do much about it in a country where 20k firearms homicides a year isn't considers terribly exceptional. If the people who can actually afford guard labor were having to make the onerous lifestyle commitments to living like someone's out to get them it would be relatively unsurprising that being able to afford competent professionals puts you ahead of angry amateurs much of the time. What is surprising is how often there's apparently no downside to not even bothering. We even have to import the lurid stories of 'crypto kidnapping' by purely financial opportunists from overseas to obtain them in any quantity.

It's essentially impossible to make a good argument for some uncached CI lunacy that has you outperforming the overtly malicious as a source of traffic; but if there's one thing that reliably upsets people it's getting called on convenient behavior that they can't readily justify; so I'm genuinely curious what the ratio of sensible adjustment to unhinged freakout by bro whose subsidy is not in fact a law of nature they'll see.

Obviously trump doesn't care; if anything the grifts that you can totally phone in are probably even funnier than the ones where you have to try; but I'm puzzled by why this sort of thing doesn't bother some of his enthusiasts more. Not the nihilistic edgelords and ethnic nationalists so much; but if you are actually enthusiastic about 'greatness' shouldn't it worry you that Dear Leader, who you trust to deliver national renewal, apparently can't puke up the sort of zero-effort ODM rebadge job that any garbage tier prepaid carrier does anywhere from multiple times a year to at least annually, depending on market conditions?

Obviously the phone itself is basically irrelevant; but it seems like the sort of project that would cause anyone not wholly immune to feel some degree of at least secondhand embarrassment about.

Depending on the jurisdiction; it might allow for some dishonest regulatory hackery; which bad people treat as equivalent to a solution.

If you are having trouble getting approval for a big fat grid hookup or rezoning of what was supposed to be a fairly low excitement commercial/industrial plot into a datacenter; you might have less trouble getting some nice, innocuous, residential development with what are totally just the next generation of cable boxes if you don't look too closely in the back yard pushed through; and once you've done that you aren't going to live next to the externalities or deal with the stressed edge of a grid; so not a you problem anymore.

Presumably the developer who gets paid a kickback to add it that they at least hope will be larger than the loss in expected sale price from having it there.

Assuming you can slip the thing, and some sort of cryptic easement or covenant burned into the deed, to at least one sucker it no longer matters whether the 'owner' wants it or not.

The bit about residential development being overprovisioned for its electrical use seems like a classic 'exploit the commons briefly' format scam.

It's not false; a given house is usually hooked up to a big chunky breaker whose capacity it is not expected to exceed, often oversized by a decent margin; but there absolutely isn't that level of overbuild all the way back to the utility. Probably not even back to the substation depending on how optimistically the transformers on the poles were sized.

Exactly the sort of thing that should work just fine if you do it at a small scale, and sounds like a clever discovery if you avoid thinking about it; but would immediately roll over and die if it were actually exploited at scale(while being even more expensive than the alternative; since wiring in one heavy user is a lot less intricate than converting thousands of distributed residential customers into heavy users). Makes one wonder if they are trying to get away with anything else by playing 'residential'; like the power factor. Utilities absolutely do care about that, because reactive power is real movement in the grid; but historically residential customers have often not been deemed worth the trouble to verify specifically for that; which you could absolutely change with a bunch of selfishly designed switchmode PSU load.

So it's alarmingly invasive and ignores established good practice; but in a staggeringly incompetent sort of way. Would it be the 'white house app' any other way?

Let me guess; because vetting its effect on security is hard and not terribly exciting they'll mostly test for 'woke' and then decide on that basis.

The MAGA guys were particularly high on their own supply given that 'the straight of hormuz is exceptionally blockable' is not some kind of weird contrarian theory. The Millennium Challenge 2002 was basically that scenario with some of the names filed off; and the exercise of trying to stop iranian launches is basically the 'scud hunting' phase of the gulf war being replayed.

Hegseth might have been stupid enough to believe that you just needed to be more masculine about it and magically turn 'will' into victory; and Trump might have been dumb enough to believe him or dumb enough to believe that just a modest tap was all that was needed to cause the iranians to fall for his legendary deal-making; but I don't think it was much of a surprise to anybody else.

It's not as though anyone seriously expected an aging and not all that comprehensive air defense system to remain effective in the face of a blank check for expensive stealth gear and standoff munitions; or the more conventional parts of the iranian navy to be particularly survivable; it's just that most people recognized that knocking out the first 90% of most visible or least mobile targets wasn't even close to being 90% of the work; while our glorious new era of competence just stood there blinking and expecting to be handed a trophy for winning with essentially no path to dealing with the much harder problem of actually driving the volume of fire down to levels safe for commercial shipping or economically sustainable to keep running high end interceptor batteries against.

CO2 has the properties it has, and trying to shift or deny that is a sign of either a liar or an idiot.

I'll let others decide what you are.

Sure; but the NRA's lobbyists are a bit scarier than the American Chemistry Council's lobbyists; so I think we're going to need to gather more data and teach the controversy in search of Sound Science on this contentious and so far ill-understood issue. I also hear that victim's rights advocates are particularly worried about anything that would further endanger law abiding Americans being menaced by oncology patients brutally doing crimes to afford their next hit of Cisplatin.

Oh look, another denialist trying to sidetrack a pretty verifiable statement of fact.