Comment by reacharavindh

8 years ago

We have disabled Hyper Threading(HT) on all public facing servers(running OpenBSD). However, our compute nodes running Linux kernel are benefiting about 80 to near 100% boost for specific scientific workloads. So, we run our INTERNAL NETWORK ONLY compute nodes with HT on. In places where security is not primary concern, why not make use of HT for extra efficiency?

Think and plan before you blanket disable HT on all servers running intel CPUs...

If an attacker is able to run any code on these private servers, I have bigger problems to deal with than HT as attack vector..

7 comments

reacharavindh

hermitdev 8 years ago

If you fully trust the software you're running, I see no reason to disable HT. At this point, I don't think I'd have it running on anything publicly facing, though. That said, I still have it enabled on my work PC & home PC.

firethief 8 years ago
Do you fully trust all the JavaScript you run?
- hermitdev 8 years ago
  
  Nope, which is why I generally have JS disabled.

spydum 8 years ago

Yes I think it is a more significant problem for Multitenant cloud providers..

bo1024 8 years ago

Agree. A personal computer could probably even risk it as long as they don't run untrusted javascript (which they shouldn't do anyways, or only under sandboxed/careful conditions).

adrianN 8 years ago
Very few people don't run untrusted Javascript these days.
- bo1024 7 years ago
  
  Of course. Very few people maintain servers but the parent's point applies to those who do.