Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
https://git.kernel.org/…/ke…/... sure some of you are working on the patches already, if you are then lets connect cause, I am an ardent researcher for the same as of now.
So here it goes:
As soon as kernel page table isolation(KPTI) bug will be out of embargo, Whatsapp and FB will be flooded with over-night kernel "shikhuritee" experts who will share shitty advices non-stop.
1. The bug under embargo is a side channel attack, which exploits the fact that Intel chips come with speculative execution without proper isolation between user pages and kernel pages. Therefore, with careful scheduling and timing attack will reveal some information from kernel pages, while the code is running in user mode.
In easy terms, if you have a VPS, another person with VPS on same physical server may read memory being used by your VPS, which will result in unwanted data leakage. To make the matter worse, a malicious JS from innocent looking webpage might be (might be, because JS does not provide language constructs for such fine grained control; atleast none that I know as of now) able to read kernel pages, and pawn you real hard, real bad.
2. The bug comes from too much reliance on Tomasulo's algorithm for out-of-order instruction scheduling. It is not yet clear whether the bug can be fixed with a microcode update (and if not, Intel has to fix this in silicon itself). As far as I can dig, there is nothing that hints that this bug is fixable in microcode, which makes the matter much worse. Also according to my understanding a microcode update will be too trivial to fix this kind of a hardware bug.
3. A software-only remedy is possible, and that is being implemented by all major OSs (including our lovely Linux) in kernel space. The patch forces Translation Lookaside Buffer to flush if a context switch happens during a syscall (this is what I understand as of now). The benchmarks are suggesting that slowdown will be somewhere between 5%(best case)-30%(worst case).
4. Regarding point 3, syscalls don't matter much. Only thing that matters is how many times syscalls are called. For example, if you are using read() or write() on 8MB buffers, you won't have too much slowdown; but if you are calling same syscalls once per byte, a heavy performance penalty is guaranteed. All processes are which are I/O heavy are going to suffer (hostings and databases are two common examples).
5. The patch can be disabled in Linux by passing argument to kernel during boot; however it is not advised for pretty much obvious reasons.
6. For gamers: this is not going to affect games (because those are not I/O heavy)
Meltdown: "Meltdown" targeted on desktop chips can read kernel memory from L1D cache, Intel is only affected with this variant. Works on only Intel.
Spectre: Spectre is a hardware vulnerability with implementations of branch prediction that affects modern microprocessors with speculative execution, by allowing malicious processes access to the contents of other programs mapped memory. Works on all chips including Intel/ARM/AMD.
For updates refer the kernel tree: https://git.kernel.org/…/ke…/...
For further details and more chit-chats refer: https://lwn.net/SubscriberLink/...
~Cheers~
(Originally written by Adhokshaj Mishra, edited by me. )
23 -
When your friends' iMac freezes yet again and you're sitting there smiling with your Linux mint laptop without a single slowdown or crash in years
13 -
Real analog advertising for DuckDuckGo.
I have been a little bit surprised by that!
The text is:
"You want the same internet but with more privacy?
Leave it to us."
Could be because the advertising spaces became rather cheap after the Corona slowdown, or DDG really takes off now.
7 -
Saw this on Facebook and couldn't help but share here! 😂
A young woman submitted the tech support message below (about her relationship to her husband) presumably did it as a joke…
The query:
Dear Tech Support,
’Last year I upgraded from Boyfriend 5.0 to Husband 1.0 and noticed a distinct slowdown in overall system performance, particularly in the flower and jewelry applications, which operated flawlessly under Boyfriend 5.0.
In addition, Husband 1.0 uninstalled many other valuable programs, such as: Romance 9.5 and Personal Attention 6.5, and then installed undesirable programs such as: NBA 5.0, NFL 3.0 and Golf Clubs 4.1.
Conversation 8.0 no longer runs, and House cleaning 2.6 simply crashes the system. Please note that I have tried running Nagging 5.3 to fix these problems, but to no avail.
What can I do?
Signed,
Desperate
The response (that came weeks later out of the blue):
Dear Desperate,
“First keep in mind, Boyfriend 5.0 is an Entertainment Package, while Husband 1.0 is an operating system. Please enter command: I thought you loved me.html and try to download Tears 6.2 and do not forget to install the Guilt 3.0 update. If that application works as designed, Husband 1.0 should then automatically run the applications Jewelry 2.0 and Flowers 3.5.
However, remember, overuse of the above application can cause Husband 1.0 to default to Grumpy Silence 2.5, Happy Hour 7.0 or Beer 6.1. Please note that Beer 6.1 is a very bad program that will download the Farting and Snoring Loudly Beta.
Whatever you do, DO NOT, under any circumstances, install Mother-In-Law 1.0 (it runs a virus in the background that will eventually seize control of all your system resources.)
In addition, please, do not attempt to re-install the Boyfriend 5.0 program. These are unsupported applications and will crash Husband 1.0.
In summary, Husband 1.0 is a great program, but it does have limited memory and cannot learn new applications quickly. You might consider buying additional software to improve memory and performance. We recommend: Cooking 3.0.Good Luck!’
Good Luck!3 -
I've tried multithreading with php, wrote a simple script which checks a series of ip addresses and tries to ftp into them.
I've noticed that the script is running very slow, i checked everything, tested the db, tested my code, i've started to doubt, that my compilation of php was fucked up (btw i did that for the first time).
Then i've started to mesure the time of each db request, but the numbers didn't add up. Then it fucking hit me...
I fucking set the timeout for ftp_connect to 5 seconds, and that was causing the slowdown. I wasted two fucking coding sessions on finding that out.
What a fucking blind moron can I be, holy shit.4 -
Third party vendor whose shitty API we have to use as part of our application blocks our account IN PRODUCTION without even telling us every time they have a slowdown because of course it must be us. Yeah, I didn't want to go home anyway🖕1
-
Is it just me or is what susspose to be the tech giants, making more and more n00b mistakes lately... Apple's latest update "best release of iOS yet" bricks the phone, Samsung phones are blowing up...
Things are continously prematurely released to try and beat everybody in the market place which just leads to unimpressive and dangerous product releases.3 -
Oh the joys of working with an Enterprise customer.
Background:
Discussion about service architecture with me, development architect (ArchDev) and integration architect (ArchInt). The topic arises of needing to access int. segment systems for a public facing cloud application.
Me: so we'll just need a s2s vpn and then we can just create a route and call the services normally.
ArchDev: sounds good to me, it will take a few months to get that set up
ArchInt: we done need that, we can just use the gateway and then route all the requests through the ESB.
Me: 😕 do you mean the service gateway?
ArchInt: (drops bomb) no, we decide that all API should be implement in ESB, so ESB will handle traffic
Me: *pauses, steps up to the whiteboard, does latency math* setting aside the fact that isn't how ESB's work, that will add at least 700ms latency to each request.
ArchInt: well that is fine for enterprise, things not usually as fast in enterprise you must expect slowdown to be safe
ArchDev: *starts updating resume on the ladders
Me: 💀🔫 -
Oddly enough, i have simultaneously been less busy and more productive since working 66% remotely.
I find myself with more time that feels "wasted" or not busy, but my metrics show that I have more production, better results, and far nicer documentation. A bunch of us also sat down and did a bunch of coursework on really putting together a domain script library for one click onboarding of new servers or new client setups. We spun up a bunch of new virtual environments that literally solved headaches that had existed for years that never got dealt with because of too many other tickets.
Some of our web clients freaked out at us because the business is moving away from doing maintenance of legacy web work (small to midsize businesses). But it didn't matter. Rather than respond with a "make them happy," the response was "well, we will get rid of them as clients. We need to focus our energy on the essential service sectors we support."
Hell, we even got an automated test that has been broken apparently since 2018 to work again.
Granted, the incoming workload has slowed down. But it's still interesting to me to see that despite the slowdown, there isn't any concern; its still paying the bills and we are getting rid of technical debt everywhere. Tbh, this has really been a good reality check.1 -
Want your opinions on this one.
I am currently experiencing a slowdown in my career progression...trying to study for the RHCSA exam and I had interviews for two new positions in my current company, first job I reached the final interview but they went forth with another candidate.
For the second job they have not yet responded.
Anyways I was thinking of trying to complete my RHCSA since I already paid for the exam and then study for masters degree abroad and try to immigrate to a country with a better quality of life, thoughts?3 -
sometimes I have random curiosities while I'm out and unable to test things. this is one of them (will comment with answer if I ever test it):
obviously writing aliases to make things you do frequently easy is a win. but what about typo aliases? stuff like sl, dc, she, etc. these aren't typo'ed often (hopefully) but are defined every single time you create a new terminal.
has this probably miniscule overhead actually been meaningfully measured?
question: how many aliases must be defined to cause a significant (say, 3sec?) slowdown when opening a new terminal?
Top Tags
Weekly Rant
View