Linux kernel developers have introduced the ability to disable security against vulnerabilities that exploit CPU speculation. The reason is the large drops in the performance of the operating system.
Linux users complain that patches preventing the use of Meltdown, Specter and Foreshadow vulnerabilities adversely affect the performance of the penguin operating system. In some cases, such as the execution of PHP and Python scripts, the execution time of operations decreased by up to 30 percent. For this reason, administrators should consider whether their systems are actually vulnerable to attack using code speculation.
Due to the large drop in performance, Linux kernel developers have added options that can disable protection against exploits detected earlier in the year in many Intel, AMD and ARM systems. Administrators can now adjust the level of protection against vulnerabilities depending on the estimated risk. The creator of Linux, Linus Torvalds called a patch, prepared by Intel, “garbage” a year ago. One of Fin’s main arguments was the negative impact of performance patches.
This situation shows how algorithms responsible for code speculation have increased processor performance over the years. This technology can be useful in closed systems where complicated and time-consuming calculations are performed, for example in the case of supercomputers or machines designed to render large graphic files. Unless they are connected to the network, the risk of hacking is virtually non-existent and there is no reason to protect such systems from attack at the expense of performance.