Spreading out the internet across infrastructure nodes that can be cooled by fans in smaller data centers or even home server labs is much more efficient than monstrous, monolithic datacenters that are stealing all our H2O.
That’s definitely not true, data centers are way more efficient than home servers. But yes, they use water to be more efficient.
I used geekbench 5. My CPU is AMD Ryzen 5 5500U. I tested a few prebuild kernels and custom compiled the fastest one.
prebuild linux kernel:
prebuild linux-zen kernel:
prebuild linux-xanmod kernel:
prebuild linux-hardened kernel:
custom linux-hardened kernel:
I’m running a custom kernel on my Arch laptop. It’s a little faster, a little smaller and a little quite more secure. I’m also running custom kernel which enables adiantum encryption on old phone with postmarketOS.
Thank you very much for this detailed explanation! Looks like kptr and kexec are already disabled and enabled randomized virtual memory address in the hardened kernel. I will check for ebpf. Security certs seem interesting, I will defenetly look into them.
*only Serbia likes this
I’m running self compiled hardened kernel and I enabled kernel lockdown mode. Before that it was disabled. Maybe Arch team disabled it.
Now I’ve installed it and Librewolf works nornally. Is that normal or is malloc not working or is Librewolf compiled with hardened malloc?
I’ve heard about googerteller and I never thought someone will use it (except to try it)
Thank you for the list! Do you maybe know where can I find explanations what does each option do? I know only half of them and I already use some of them.
Actually it’s not (but it was) a fork of OpenBSD’s allocator, but rewrite of a fork. They wanted too much changes so they decided to rewrite it from scratch.
That would be too big performance hit
I will try hardened_malloc, I already use it on my phone. I have GrapheneOS.
On laptop with Ryzen 5 5500U (12 threads) it takes 50 minutes and on desktop with Ryzen 7 3700X (16 threads) it takes 20 minutes. I use all threads to compile the kernel.
It compiles way waster with Gentoo, because it has minimal config. I used the default config from Arch repos and modified it. It’s full of unneeded drivers, but I’m scared of disabling them. I already disabled wrong drivers a few times and had to use different kernel to boot.
I will try it out, thank you :)
Yep, just one stick. Now everything works like it should!
Thank you for your help!
XMP is somekind of overclocking, but I disabled it.
Its not only one bit flip but at leats two (in a single byte), I figured out using addresses in the errors.
I was also scared that it’s the cpu, because it was the most expensive part when I build the PC. Thankfully I think it’s not, now I’m running memtest again with no errors without one ram stick.
I disabled XMP (overclocking, but not really) and still errors. I removed one stick and the test is currently on 35% with no errors (thats new record). I will also try with other one to confirm its defective. Thank you :)
And they also have to let people use a VPN. And make UI load faster, it’s way too bloated.