by exportgoldman2 3092 days ago
Wrong. Wrong. Wrong. Sigh.

This bug allows a user-level process or even a website to read any memory on the PC, including memory of another VM on the same box.

Bitcoin wallets, passwords, keys, all up for grabs by anon.

Can't be fixed by Intel, so all OS providers have to implement fixes in the OS which slow down the PC by approx 30%.

So your gaming PC or AWS instances just cost more.


There are many reasons to just get a dedicated machine, especially given that they're like $10/month these days. (Kimsufi, Hetzner, ...)

This is a major one. On a dedicated box, as long as SSH and your HTTP server are secure, you can run a compromised kernel. In practice, of course, it mostly means that there's an extra layer of exploit necessary before attackers are in. Everybody should insist on that, always.

Performance is another one (to put things bluntly: a 2-year-old Atom with 4G straight on hardware, at 99% performance, beats a quad Xeon with 96 gigs of RAM where you're 1 out of 100 VMs. And even that undersells it. In practice on that quad Xeon it will regularly take 1s to jump into your code for a web request. Not generating a response, just the time before it actually processes your packet. If you're I/O bound (i.e. every single website), the lowly dedicated Atom will beat the big bad Xeon).

And lastly, included network capacity is the third one. The cheapest dedicated on Hetzner comes with $3000 worth of network (Google Cloud prices; Amazon's are more expensive, and yes, it's FUP bandwidth, so presumably you can use like $500 of it without problems if you're paying $10, not the full $3k).