diff --git a/README.md b/README.md
index 753d6aa..039c9c4 100644
--- a/README.md
+++ b/README.md
@@ -153,7 +153,7 @@ abused to write to arbitrary memory.
 * Provides some blocking of the interface between the [Intel Management Engine (ME)](https://www.kernel.org/doc/html/latest/driver-api/mei/mei.html) and the OS.
-* Disables the use of CD-ROM devices by default.
+* Not enabled by default yet, comment only: Disables the use of CD-ROM devices by default.
 ### Other
diff --git a/etc/modprobe.d/30_security-misc.conf b/etc/modprobe.d/30_security-misc.conf
index c8851dd..42da9b5 100644
--- a/etc/modprobe.d/30_security-misc.conf
+++ b/etc/modprobe.d/30_security-misc.conf
@@ -87,5 +87,6 @@ install mei-me /bin/disabled-by-security-misc
 # Blacklist CD-ROM devices
 # https://nvd.nist.gov/vuln/detail/CVE-2018-11506
-install cdrom /bin/disabled-by-security-misc
-install sr_mod /bin/disabled-by-security-misc
+# https://forums.whonix.org/t/blacklist-more-kernel-modules-to-reduce-attack-surface/7989/31
+#install cdrom /bin/disabled-by-security-misc
+#install sr_mod /bin/disabled-by-security-misc
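Review bot: In etc/modprobe.d/30_security-misc.conf the header `# Blacklist CD-ROM devices` is kept unchanged above two `install` lines that are now commented out, so the file reads as if `cdrom` and `sr_mod` are blocked when they no longer are. I would add a line directly under the header such as `# Not enabled by default yet; uncomment the two install lines below to block CD-ROM modules.` so an administrator auditing the file sees the real state. The reason for backing the rule out is given only as a forum link; a short inline summary of it would let a reader weigh the trade-off without leaving the file. The CVE-2018-11506 link now sits above a mitigation that is off by default, so the commit message or changelog should say that this hardening was relaxed.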