What can you do to make your computer more secure? Most people are worried about data protection that reduces risk involves compromises, or in terms of convenience, price, or performance. However, many Linux users are not prepared for what a patch against spectra 2's vulnerability would reduce the performance of their systems with Intel processors by up to 50%.
The update in question is released with Linux kernel 4.20. It includes the Stibp (Single Thread Indirect Branch Predictors) Repair for Multithreaded Processes (SMT). The patch should prevent attacks based on speculator 2 vulnerabilities, but also insert the performance of Intel processors with hyper-threading support if the chips use the latest microcode updates.
It was initially clear that STIBP will affect the performance. However, Linus Torwolds (Linus Torwolds), who returned to the helmet after a brief helm in September, said, "In the discussion, I commented on how negative the impact on the performance of the patch is. When speed drops by 50% in several tasks, people need to ask themselves whether it is worth the use of the type of" protection "? ".
Mr. Torwolds also added that people who really care about their security simply disable SMT technology completely. Therefore, the current situation prompted a well-known developer to propose the following Linux Linux solutions for intel systems, which should reassure most users:
"I think we need to use the same logic as L1 TF: By default, we use such patches that do not affect the performance, it is necessary to warn about this, and after that I would look at crazy people who would prefer A 50% drop in productivity just to solve a problem that is still theoretical. ".
By the way, Mr. Torwolds is not the only one who is surprised by the implementation of Stibp. For example, Arjan van de Ven, a Linux security specialist in Intel, noted: "In the documentation, AMD officially recommended not activating the patch by default, and I can say that our position in Intel is similar: this protection really should not be activated by default". He added that the use of the instrument in "surgically necessary" cases is one thing, and it is always wrong to turn it on.
If you notice an error, select it with the mouse and press CTRL + ENTER.