steven36 Posted June 25, 2019 Share Posted June 25, 2019 Linux founder Linus Torvalds, today at the KubeCon + CloudNative + Open Source Summit China conference, warned attendees that managing software is about to become a lot more challenging, largely because of two hardware issues that are beyond the control of DevOps teams. The first, he said, is the steady stream of patches being generated as new cybersecurity issues related to the speculative execution model that Intel and other processor vendors rely on to accelerate performance. That model is the root cause of malware such as Spectre and Meltdown that have roiled the IT industry. Additional bugs in speculative execution with colorful names such as Fallout and ZombieLoad are showing up more frequently. Each of those bugs requires another patch to the Linux kernel that, depending on when they arrive, can require painful updates to the kernel, Torvalds told conference attendees. Short of disabling hyperthreading altogether to eliminate reliance on speculative execution, each patch requires organizations to update both the Linux kernel and the BIOS to ensure security. Turning off hyperthreading eliminates the patch management issue, but also reduces application performance by about 15 percent. The second major issue hardware issue looms a little further over the horizon, Torvalds said. Moore’s Law has guaranteed a doubling of hardware performance every 18 months for decades. But as processor vendors approach the limits of Moore’s Law, many developers will need to reoptimize their code to continue achieving increased performance. In many cases, that requirement will be a shock to many development teams that have counted on those performance improvements to make up for inefficient coding processes, he said. In the meantime, Torvalds noted updates to the Linux kernel are still coming at a rate of every three months, and the Linux team is basically working on a six-month planning cycle—there is no master five-year plan the Linux team is working from. Roughly 1,500 developers work on contributions to the Linux kernel, with 100 maintainers overseeing the implementation of those contributions. Naturally, cybersecurity patches at the kernel level have significant implications for all of DevOps. Changes to the kernel need to be absorbed by all the various distributions of Linux, which in turn impacts all the stacks of software that depend on Linux. Jim Zemlin, executive director for The Linux Foundation, said that in the wake of the rise of these hardware issues and previous cybersecurity issues involving open source software such as the Heartbleed vulnerability, cybersecurity is the top priority for The Linux Foundation. As part of that effort, The Linux Foundation is researching various DevSecOps approaches to better securing the global open source supply chain, he said. In the meantime, organizations large and small alike will need to up their DevSecOps game significantly if they want to continue to push application performance limits. Source Link to comment Share on other sites More sharing options...
stylemessiah Posted June 26, 2019 Share Posted June 26, 2019 You can only blame Intel etc so much for the speculative execution bugs Truth is that the bulk of software developers have gotten a free pass on the back of Moores law and increasing CPU performance, writing shitty bloated code Especially true of closed source software where of course they can hide it Maybe this will force companies like Adobe to finally write decent unbloated code..... But im not holding my breath.... Link to comment Share on other sites More sharing options...
steven36 Posted June 26, 2019 Author Share Posted June 26, 2019 4 hours ago, stylemessiah said: You can only blame Intel etc so much for the speculative execution bugs Truth is that the bulk of software developers have gotten a free pass on the back of Moores law and increasing CPU performance, writing shitty bloated code Especially true of closed source software where of course they can hide it Maybe this will force companies like Adobe to finally write decent unbloated code..... But im not holding my breath.... When it gets to the point your PC comes to a crawl because of it being patched to death you will blame it on someone! Security is "by design" or isn't. Trying to patch a faulty design with new abstractions will always have several kind of adverse consequences, such as : Additional complexity Loss of knowledge / craftsmanship Bad long-term economics That's something that was well taught in French engineering schools up to the 80's, So its no one is to blame but Intel mostly, it sure was not the consumers at fault but they the ones who will end up having to pay for it in the long run ,when they have to buy new hardware that they claim don't have such flaws. The 2nd part that's exactly what happen to Intel they used shortcuts to make hardware and now it cached up with them . It not so much happening to AMD even zombieload don't even effect AMD and the others effected AMD very little because they had security by design more so than Intel. 4 hours ago, stylemessiah said: Especially true of closed source software where of course they can hide it Maybe this will force companies like Adobe to finally write decent unbloated code... He was not talking about Closed Source software in genral and Adobe is a windows and Mac problem for Microsoft and Apple to figure out , unless you run some older version in wine on Linux before it became so bolted and Adobe flash want even be a problem for no one on any OS after next year.. He was talking about devs who make Electron and Web-based apps. (Electron and Android devs) Most of them make apps that replace you from having to use a web browser there coded very poorly and load up slow .. They is lots of open source apps and some closed source ones too made with Electron they have a great concept but will become useless unless these programmers really learn to code. Most of of the new apps you see any more are crap coded .It's a shame too because some them are very useful apps . But they already too slow and the speed and footprint of Electron and Web-based apps seem not to be improving if it is its at a snails pace. They all have a heavy footprint like using a browser witch a browser uses more resources than any app on most peoples system unless they encode media or something and running lots of these Electron and Web-based apps is like running lots of browsers at once. As far as Adobe in a few more years i doubt you will have to worry with using there bloated software there investing in moving it to the cloud like everything else is were you be able to even do it on a smartphone . Things that takes lots of resources on a PC that take hours can be done in minutes in the cloud. And example of this is video encoding web sites that encode in the the cloud shoot out videos every minute were it takes hours to do it on PC , another example is uploading . You can upload things fast as lighting in the cloud even if your on dial up and you don't even have to download it to your PC unless you want. we are no long living in the age were you need heavy apps to do everything no more. Well i hope they do anyway they have nothing to lose like Microsoft do , One of the reasons Microsoft don't put Office fully in the cloud that they would lose most enterprise to Linux its not that windows is any good its Office document formatting that holds back a mass exodus to Linux from happening . So Microsoft stifles technology in order to keep control of the desktop. Microsoft Office is not that great ether its just the standard format they use for document formatting and it has no security by design . Microsoft Office spreads malware to every thing it touches . MAC OS and Android have malware because of ports of Microsoft Office. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted June 28, 2019 Administrator Share Posted June 28, 2019 On 6/26/2019 at 4:38 AM, steven36 said: The second major issue hardware issue looms a little further over the horizon, Torvalds said. Moore’s Law has guaranteed a doubling of hardware performance every 18 months for decades. But as processor vendors approach the limits of Moore’s Law, many developers will need to reoptimize their code to continue achieving increased performance. In many cases, that requirement will be a shock to many development teams that have counted on those performance improvements to make up for inefficient coding processes, he said. Really interesting. So he is raising an important possibility that while the hardware power will remain similar, we will continue to see improvement in performance thanks to improvements in software. I cannot stop but to be give an example of how browsers and their speeds have unbelievably improved throughout the years with newer software technologies and better coding in them. Link to comment Share on other sites More sharing options...
steven36 Posted June 28, 2019 Author Share Posted June 28, 2019 2 hours ago, DKT27 said: Really interesting. So he is raising an important possibility that while the hardware power will remain similar, we will continue to see improvement in performance thanks to improvements in software. I cannot stop but to be give an example of how browsers and their speeds have unbelievably improved throughout the years with newer software technologies and better coding in them. Yes browsers speed have really improved over the years but the only way they done it was because people use faster hardware now, but the concept not so much they have become more privacy intrusive when Firefox gave up the old way they made browser for speed they gave up on some your browser privacy like being able to block all cookies and only allowing sites you want to allow them in . I still use waterfox with legacy addons on Linux Firefox is a little faster but it not worth the trade off for my privacy to use all the time , It was not just privacy you sacrificed for speed ether it was lots of features they removed for speed and they put in many no one even ask for . But if you tested a old legacy browser like Firefox v2.x you would say how did i ever use this slow browser,? but back in 2007 iI was fine to us we never noticed it and hardware was way less powerful back then, when the most used OS was XP. People have become spoiled over the years and due to security issues we have to going learn how to sacrifice some speed for privacy and security they go hand and hand when it comes to being hacked and exploited. The good thing is side channel attack patches effect gaming and watching videos very little . back just a few years ago people used really slow hardware XP didn't require but Min Processor Speed 233 MHz Min RAM Size 64 MB Min Hard Drive Space 1.5 GB You try and run a new browser in the 1st generation XP boxes and they to heavy for it but those old slow browser work fine. Now days people have 16 GB of Ram and still are not happy because software speeds are not fast enough to see a big improvement more so in windows than Linux many apps that require lots of RAM in windows Require very little in Linux . Well that's changing with crappy coded apps that have heavy footprint like a browser .. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted June 28, 2019 Administrator Share Posted June 28, 2019 26 minutes ago, steven36 said: Thing is, the reason I use browsers for example is they are the best examples. Reason is, Firefox was based on a bad coding language which, while made for control, was really bad for speed. By using newer language, the code of the software was massively improved. Moving to newer code, on a newer language, allowed them to write code better and improve the speeds significantly. The problem is Mozilla is not releasing APIs fast enough which allow for better customization again. I would prefer if someone would compare the browser speeds of versions of a decade ago and newer versions and compare their speeds and see if how much they have improved there. Link to comment Share on other sites More sharing options...
steven36 Posted June 28, 2019 Author Share Posted June 28, 2019 14 minutes ago, DKT27 said: Thing is, the reason I use browsers for example is they are the best examples. Reason is, Firefox was based on a bad coding language which, while made for control, was really bad for speed. By using newer language, the code of the software was massively improved. Moving to newer code, on a newer language, allowed them to write code better and improve the speeds significantly. The problem is Mozilla is not releasing APIs fast enough which allow for better customization again. I would prefer if someone would compare the browser speeds of versions of a decade ago and newer versions and compare their speeds and see if how much they have improved there. You can easy do it on Windows i done it before you can use PortableApps of Firefox legacy that go all the way back to 2007 https://sourceforge.net/projects/portableapps/files/Mozilla Firefox%2C P.E. Legacy/ https://sourceforge.net/projects/portableapps/files/Mozilla Firefox%2C Portable Ed./ Utilu IE Collection 1.7.2.1 https://utilu.com/IECollection/ I done tested it that's how i know the old browsers are very slow compared to now. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted June 28, 2019 Administrator Share Posted June 28, 2019 3 minutes ago, steven36 said: You can easy do it on Windows i done it before you can use PortableApps of Firefox legacy that go all the way back to 2007 https://sourceforge.net/projects/portableapps/files/Mozilla Firefox%2C P.E. Legacy/ https://sourceforge.net/projects/portableapps/files/Mozilla Firefox%2C Portable Ed./ Utilu IE Collection 1.7.2.1 https://utilu.com/IECollection/ I done tested it thats how i know the old browsers are very slow compared to now. Thanks for the links. I do not have much time to test them. But I will take your word for it. Link to comment Share on other sites More sharing options...
steven36 Posted June 28, 2019 Author Share Posted June 28, 2019 38 minutes ago, DKT27 said: Thanks for the links. I do not have much time to test them. But I will take your word for it. But there is no way to test it precise without a time machine because the web is not even coded the same now , back in the day most all websites built there sites based on IE so Firefox had to make it work like that , and things used real java and flash instead of so much JavaScript and HTML5 . JavaScript was a thing but not like is now and Websites didnt use google services to run like they do now , because google was not the leader back then. Now they build sites based on all browsers . If sites ever dropped support for Firefox it would end them and it could happen one day. The web has been optimized for all the major browsers in use now days that was not the case years ago. When something Google does to effect it Firefox has to adopt it and that what makes Google bad they are trying control the web and most people don't even fight it.So really changes in the web is what made them slow more than anything there not 2019 web optimized. With Microsoft adopting blink most all websites will be based on chrome when Microsoft ships Edge and stops shipping IE and that could cause Websites to stop supporting Firefox . Only thing has kept Firefox from becoming useless is them adopting everything that there daddy Google says best . Back when Firefox was young addons that opened IE in Firefox was used a lot because not all sites even worked for it back then. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.