meltdown   1779

« earlier    

KPTI/KAISER Meltdown Initial Performance Regressions
File under the end of Moore’s Law.

The recently revealed Meltdown and Spectre bugs are not just extraordinary issues of security, but also performance. The patches that workaround Meltdown introduce the largest kernel performance regressions I've ever seen.
kernel  linux  security  meltdown  performance 
9 days ago by jefframnani
chris blogs: Anatomy of a Ceph meltdown
A quick word on our setup: We have three file servers with 12TB storage each that provide each three Ceph OSDs, a monitor, and MDS (to provide CephFS to a shell server and the office machines). Connected to these are two virtualization hosts that run 24 virtual machines total in QEMU/KVM. The file servers and virtualization hosts run on Gentoo, most VM are Debian, a few run Windows. The setup is very redundant: Ceph guarantees each file server can drop out without problems, and if one virtualization host goes down, we can start all machines on the other host (even if main memory gets a bit tight then).
ceph  gentoo  meltdown  filesystems  downtime 
9 days ago by vielmetti
"The KPTI patches to mitigate Meltdown can incur massive overhead, anything from 1% to over 800%."
meltdown  from twitter
9 days ago by vielmetti
The Impact of Spectre and Meltdown on the Cloud
"Spectre is worse. Not because we actually know how to use it to do something bad. Yet. It is worse because we don’t know how to mitigate it in a generic way, and because it proves that Meltdown wasn’t a flash in the pan. The threat remains, and erodes trust. When and if someone devises a practical exploit, we may indeed see a mitigation for it show up quickly. The exploit may be responsibly disclosed by security researchers at a company like Google. But it is entirely possible that hostile state actors will get there first, and the damages done between now and then may be considerable and difficult to quantify."
analysis  contributed  technology  top  stories  heptio  meltdown  security  side-channel  attack  spectre 
10 days ago by jonerp

« earlier    

related tags

020718  0218  5g  6  amd  analysis  and  apple  architecture  attack  augmentedreality  bestoftheweb  bios  brendangregg  bruce-schneier  bug  bugs  business  cassandra  centos  ceph  check  chip-level  cis3360  cis4615  compsci  computer_security  contributed  cpu  cpu_architecture  culture  cybersecurity  downtime  exploit  fail  filesystems  filetype:pdf  firmware  forseti  fosdem  freebsd  gentoo  hacking  hardware  heptio  hosting  howto  hp  hpe  hw  infosec  intel  is:video  kernel  kubernetes  lang:en  liability  linus  linus_torvalds  linux  macosx  malware  microcode  microprocessor  mooreslaw  netadmin  openhardware  opensource  patch  patches  performance  potks  puppet  redhat  research  resources  retpoline  scanner  security  segurança  server  side-channel  sidechannels  sot  specter  spectre  speculative_execution  stories  suse  sysadmin  technology  theverge  top  torvalds  transparency  tutorial  type:tool  ubuntu  update  updates  vulnerabilities  vulnerability  vulnerability_disclosure  vulnerabilitymanagement  vulnmanagement  web_security  webserver  windows  µarchitecture 

Copy this bookmark: