45
submitted 1 year ago* (last edited 1 year ago) by Harry_h0udini@lemmy.dbzer0.com to c/linux@lemmy.ml

I've seen a video from CTT demonstrating the <10 performance boosts by simply off the mitigation. The system will be secure for personal use as before.

top 24 comments
sorted by: hot top controversial new old
[-] SuperFola@programming.dev 46 points 1 year ago

Ask yourself: do you really need a performance boost or are you just chasing the numbers to avoid a non-existant problem?

[-] db2@sopuli.xyz 35 points 1 year ago

Everything is secure until it isn't. I'd leave it on.

[-] CaptainJack42@discuss.tchncs.de 25 points 1 year ago

The short answer, as a ton of people already said in the comments of the video, is "hell no" it is not and it is most likely also not worth it. Back when the video came out I tested it (with unplugged network) on my system and the performance gain was ~1% which I'd consider well within the margin of error

[-] ryannathans@aussie.zone 5 points 1 year ago

Mines about 60% faster, ymmv

[-] mara@pawb.social 2 points 1 year ago

What workload makes that much of a difference?

[-] ryannathans@aussie.zone 2 points 1 year ago
[-] mara@pawb.social 1 points 1 year ago

Which games?

[-] OsrsNeedsF2P@lemmy.ml 1 points 1 year ago

Aren't you the guy who runs one of the largest RuneScape private servers? Why tf are you disabling security measures

[-] ryannathans@aussie.zone 1 points 1 year ago

Isolated machine for emulating old consoles

[-] dack@lemmy.world 22 points 1 year ago

The system will be secure for personal use as before.

I wouldn't be so sure of that. CPU side channels allow data to be leaked across security contexts. For example, from a user process to sandboxed JavaScript in a browser, from kernel space to user space, or from one containerized process to another. This is a problem even on a single user system without any VMs.

[-] stardreamer@lemmy.blahaj.zone 12 points 1 year ago

Many years ago when I was still doing my undergrad I had a cyber security prof talk about side channels:

”There's no way to prevent side-channels. As long as two components are sharing the same physical resource there will be side channels. The only problem is that these side channels are leaking way more bits than we expected.”

So the question here is how big does the side channel need to be to leak something sensitive from memory? Turning off mitigations will almost certainly lead to larger side channels. Whether that is worth the risk is up to you.

[-] GustavoM@lemmy.world 10 points 1 year ago* (last edited 1 year ago)

...or you could opt for other ways to improve your PC performance. For instance, using equal values for both scaling_max_freq and scaling_min_freq gives you a quite considerable performance boost at the expense of (almost) nothing.

[-] wim@lemmy.sdf.org 15 points 1 year ago

Well, you lose a lot of power efficiency, this would be massively detrimental to many peoples experiences if you do this on anything battery powered like a laptop.

[-] GustavoM@lemmy.world 3 points 1 year ago
[-] wim@lemmy.sdf.org 5 points 1 year ago* (last edited 1 year ago)

And does this still work with modern cpufreq schedulers like amd-pstate and the Intel equivalent? IIRC I couldn't simply set frequencies or select the userspace scheduler on 10th gen Intel and frequencies don't seem to be honoured by AMD pstate drivers on Zen4.

[-] Lemmy@iusearchlinux.fyi 10 points 1 year ago

It depends on how importent security is for that system and how devestating it would be if someone else got control over it and all accounts and devices connected to it.

Assuming there are sucessful exploits it would be like running everything as root and disabling all sandbox/isolation features from the kernel and browsers. I'd say you should not connect such a machine to the internet.

[-] StrangeAstronomer@lemmy.ml -3 points 1 year ago

Link for the video?

As a general rule of thumb, I've been told that anything less than a 50% performance boost is hardly noticeable.

I've also heard (but ready to stand corrected) that mitigation costs only about 10% CPU (depending on the CPU).

I don't get out of bed for a 10% performance boost.

this post was submitted on 06 Oct 2023
45 points (94.1% liked)

Linux

48335 readers
1301 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS