|
|
|
|
|
|
by ignoramous
742 days ago
|
|
|
> The gvisor netstack ... this article is discussing how the performance of that component was ... garbage. The article and a related GitHub discussion (linked from TFA) points out that the default congestion algorithm (reno) wasn't good for long-distance (over Internet) workloads. The gvisor team never noticed it because they test/tune for in-datacenter usecases. > These tools bring marginal capability and performance gains I get your point (ex: app sandbox in Android ruins battery & perf, website sandbox on chrome wastes memory, etc). While 0-days continue to sell for millions, opsec are right to be skeptical about a very critical component (kernel) that runs on 50%+ of all servers & personal devices. |
|
|