You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Ha, Intel were *so proud* of their high throughput RDRAND, and now it turns out they leak the values all over the other cores and the microcode patch to fix it... has a 97% performance hit. As in you get ~1/30th of the performance you used to. Whoops! https://www.phoronix.com/scan.php?page=news_item&px=RdRand-3-Percent …
As @sebsued points out, it may well become a DoS vector itself, because if I understand the mitigation right, RDRAND ops are now *serialized against the entire chip memory bus*. They block all other cores from doing any reads and writes that miss cache. https://twitter.com/sebsued/status/1270639456312311809?s=19 …
I just did a test. One thread of RDRAND on an unpatched Xeon E-2144G (8 threads) drops 7-threaded sysbench performance by 10%. The same with the patch, 55%. So with the patch, a rogue core can now halve your memory performance. But it gets better.
Running 8 threads (on an 8-thread E-2144G) of RDRAND in the background, memory throughput drops by *81%* with the patch vs unpatched (91% vs idle). So if someone can spawn a bunch of RDRAND threads, they can drop your memory perf to 19% of what it would be, 9% of nominal.
So, do I get it right, an attacker can spin up c5.large or even t3.micro on @awscloud and slow 94 other vcpu by 55%? Nice.
But I'm nit sure AWS enables mitigations.
why would rdrand even be allowed for non-kernel processes? The OS should provide a rng interface, everyone should use that and the OS should take the CPU RNG if it exists as one input source for the OS RNG.
How would a vCPU handle rdrand?
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
