Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Also, a good chunk of these vulnerabilities (Retbleed, Downfall, Rowhammer, there's probably a few I'm forgetting) are either theoretical, lab-only or spear exploits that require a lot of setup. And then the leaking info from something like Retbleed mostly applies to shared machines like in cloud infrastructure.

Which makes it kind of terrible that the kernel has these mitigations turned on by default, stealing somewhere in the neighborhood of 20-60% of performance on older gen hardware, just because the kernel has to roll with "one size fits all" defaults.



If you know what you're doing, you do something like this: https://gist.github.com/jfeilbach/f06bb8408626383a083f68276f... and make Linux fast again (c).

If you don't know what kernel parameters are and what do they affect, it's likely safer to go with all the mitigations enabled by default :-|


Yeah, I personally have Retbleed and Downfall mitigations disabled, the rest thankfully doesn’t severely affect my CPU performance.

Appreciate sharing the gist though!


I don’t think you are thinking of this right. One bit of leakage makes it half as hard to break encryption via brute force. It’s a serious problem. The defaults are justified.

I think things will only shift once we have systems they ship with fully sandboxes that are minimally optimized and fully isolated. Until then we are forced to assume the worst.


> I don’t think you are thinking of this right. One bit of leakage makes it half as hard to break encryption via brute force.

The problem is that you need to execute on the system, then need to know which application you’re targeting, then figure out the timings, and even then you’re not certain you are getting the bits you want.

Enabling mitigations For servers? Sure. Cloud servers? Definitely. High profile targets? Go for it.

The current defaults are like foisting iOS its “Lockdown Mode” on all users by default and then expecting them to figure out how to turn it off, except you have to do it by connecting it to your Mac/PC and punching in a bunch of terminal commands.

Then again, almost all kernel settings are server-optimal (and even then, 90s server optimal). There should honestly should be some serious effort to modernize the defaults for reasonably modern servers, and then also have a separate kernel for desktops (akin to CachyOS, just more upstream).


Maybe so but I think most users are going to be vulnerable to likely under-estimate their security-sensitivity than to over-estimate. On top of that security profiles can change and perhaps people won’t remember to update their settings to meet their current security needs.

These defaults are needed and if the loss is so massive we should be willing to embrace less programmable but more secure options.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: