Uncloaking Treason

People who watch their logs closely (or who drive to the datacenter and end up looking at the console on a front-end webserver) may occasionally see messages like “TCP treason uncloaked” on Linux boxes.

The conspiracy theorists say that it’s hacking attempts and that it crashes Apache. Most of these conversations are at least 5 years old.

The networking experts point out that this is nonsense, and it’s actually just a notification that the remote host shrunk its receive window size more than expected. It’s kind of a nonsensical condition, but it’s not exactly, well, treason.

But here’s a new one: it’s also sometimes caused by a kernel bug. It’s been fixed since 2.6.14 (based on the last comment here), but many, many people run old versions in production. Though actually, the systems I’m seeing this error on are newer than that, meaning they’re not affected by the kernel bug.

So for people seeing the error, it’s usually pretty much worthless data. (Similarly, lp0 is not actually on fire.)
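For anyone who wants to check that before tuning the message out, here is an added example (not part of the original post) that tallies the messages per peer, so one misbehaving client can be told apart from something widespread. The line layout in the regex is an assumption based on 2.6-era kernels, and the sample log lines, host name and function names are constructed for illustration.

```python
import re

# Assumed 2.6-era layout (not quoted on this page):
#   TCP: Treason uncloaked! Peer <ip>:<remote port>/<local port>
#        shrinks window <snd_una>:<snd_nxt>. Repaired.
TREASON_RE = re.compile(
    r"Treason uncloaked! Peer (?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<rport>\d+)/(?P<lport>\d+) "
    r"shrinks window (?P<una>\d+):(?P<nxt>\d+)"
)

# Constructed sample input (documentation-range addresses).
SAMPLE_LOG = """\
Mar  3 04:12:01 web1 kernel: TCP: Treason uncloaked! Peer 192.0.2.10:51234/80 shrinks window 3842512374:3842513822. Repaired.
Mar  3 04:12:09 web1 kernel: TCP: Treason uncloaked! Peer 192.0.2.10:51234/80 shrinks window 3842512374:3842513822. Repaired.
Mar  3 04:15:40 web1 kernel: TCP: Treason uncloaked! Peer 198.51.100.7:40022/443 shrinks window 4294967000:200. Repaired.
Mar  3 04:16:02 web1 kernel: eth0: link up
""".splitlines()


def summarize_treason(lines):
    """Return {peer_ip: {"count", "local_ports", "max_unacked"}} for matching lines."""
    peers = {}
    for line in lines:
        m = TREASON_RE.search(line)
        if not m:
            continue  # unrelated kernel message
        entry = peers.setdefault(
            m["ip"], {"count": 0, "local_ports": set(), "max_unacked": 0}
        )
        entry["count"] += 1
        entry["local_ports"].add(int(m["lport"]))
        # Bytes sent but not yet acknowledged; sequence numbers wrap at 2**32.
        unacked = (int(m["nxt"]) - int(m["una"])) % 2**32
        entry["max_unacked"] = max(entry["max_unacked"], unacked)
    return peers


def noisy_peers(peers, threshold):
    """Peers seen at least `threshold` times, most frequent first."""
    hits = [(ip, e["count"]) for ip, e in peers.items() if e["count"] >= threshold]
    return sorted(hits, key=lambda pair: (-pair[1], pair[0]))


if __name__ == "__main__":
    summary = summarize_treason(SAMPLE_LOG)
    for ip, count in noisy_peers(summary, 1):
        print(ip, count, sorted(summary[ip]["local_ports"]), summary[ip]["max_unacked"])
```
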
