0

I was wondering, assuming a "The Invention of Lying" world, but where no one was able to steal or misrepresent themselves how much faster would computers be? Just to give two examples of what I mean, there would be no need for user permissions (because people would only access the files they were supposed to) and no need for separate users with different privileges. The first would speed up file systems on every level. So, basically, the question is how much does security slow down an average computer? (I know average isn't very well defined, so you can assume either a Windows 8 computer, a Mac OS Mavericks, or Ubuntu 13.10). If this is unclear please leave a comment and I'll try to explain further.

ike
  • 131
  • 4
  • If this belongs on a different SE site please tell me. – ike Mar 03 '14 at 17:39
  • 1
    You would still need things like file permissions and separate user accounts to prevent people from doing stuff by mistake instead of deliberately, like accidentally deleting someone else's files by mis-typing a command. So it wouldn't make much difference. – Mike Scott Mar 03 '14 at 17:45
  • So assume people are perfect. I'm not saying this is feasible but I'm just wondering how much of actual CPU and other usage is just checking. – ike Mar 03 '14 at 17:48
  • 1
    If we're assuming people are perfect, that makes much more difference to the speed of computers than just removing security, because they're designing perfect CPUs and writing perfect code. – Mike Scott Mar 03 '14 at 17:54
  • "Premature optimization is the root of all evil." --Donald Knuth – bonsaiviking Mar 03 '14 at 17:56
  • 1
    What do you mean with "security"? Does that e.g. include preventing data loss and ensuring data integrity? Because, thinking or say RAID arrays, this "security" then actually speeds up parallel data access through redundancy. Parity, ECC,... enables you to trust your results,... and all of it makes computing worthwhile. "No security" doesn't make computers faster, it makes them pointless. – TildalWave Mar 03 '14 at 18:26
  • assume people are perfect You have far more faith in my imagination than I do. The problem, I suppose, is that I've met too many people to maintain this assumption for any length of time. How about we meet halfway at "assume people are good at using computers"? – Parthian Shot Jul 09 '14 at 18:40

3 Answers3

5

In a modern computer, separation of user process is enforced with the MMU. The MMU decides for each page (a block of RAM, usually 4 or 8 kB, depending on architecture) the relevant access rights, but also where the page actually is in physical RAM. Though the MMU is critical for the security framework, it also has a lot of other usages which grant extra functionalities which increase computing power, rather than decrease it:

  • support for virtual memory;
  • on-demand loading of mapped files (in particular executables);
  • copy-on-write forking.

When you have a MMU which can do the above, expanding it into a tool for security is basically "free": you have the MMU for functionality and performance, and you get security with it as well. In that sense, "without security", computers would not be faster.

There are corner cases, though. For instance, I know a researcher who has long specialized in discrete logarithm cracking. The best known algorithms for such tasks imply a task called sieving in which a computer will use a big array of bits (several gigabytes) and make seemingly random accesses in it. The MMU uses in-memory tables to store the metadata for each page; though the MMU has a dedicated cache (the TLB) to keep the most accessed page entries, random accesses in gigabytes of data imply that most accesses will cumulate cache misses: for the data itself, but also for the MMU tables. Bottom-line is the following: by booting his PC on a custom OS with no MMU usage, he could run his code about three times faster than with a "normal" operating system. Of course, without the MMU, no process separation either -- which was not an issue in his case, in particular since his custom OS was not multitasking anyway.

MMU-less architectures are common in small embedded systems. Not having a MMU does not make such systems faster; it makes them cheaper, because a MMU-less CPU can be smaller by a few thousand gates (it won't matter much on a PC with its billions of gates, though).

Thomas Pornin
  • 326,555
  • 60
  • 792
  • 962
2

Permissions would still be needed to prevent accidents. Files aren't set read-only for example only to prevent a bad user from modifying them, but also to let good users know that it shouldn't be modified.

It would make things like virus scanners and encryption completely unnecessary which would make things a little faster, but you can see that by simply disabling AV and going to an HTTP based site. The Internet itself was built on the assumption that people wouldn't do bad things and a lot of the security stuff that we have has been retroactively worked in, so it's entirely possible to actually try things without any security that wouldn't be needed anyway to prevent accidents.

In general, the answer is not a whole lot faster though. SSL encryption is probably the most expensive common security related activity (that and server side password hashing with high iteration counts), but the hash is only done once per login (so not a significant contributor) and SSL only really makes a difference because of the numerous connections using it at the same time.

Another thought is that it might actually make programs slower. Right now, to develop a secure program requires a higher level of checking for bugs and as security becomes a bigger concern, it makes testing for those kind of issues more financially viable. Some of those may have performance savings when fixed and if that testing wasn't done because spending money on security wasn't needed, then things could actually be slower without security.

If you assume that people will make no mistakes and there are no hardware failures, a lot of redundancy can go away, but it would be more of a power savings than a time savings in a lot of cases since processes can be done in parallel a lot of the time. Tags for permissions should be relatively close to the file records and user permissions for the most part should be cached, so it should be a fairly minor cost even if all permissions and redundancy could be removed.

AJ Henderson
  • 42,081
  • 5
  • 65
  • 112
0

Security has nothing to do with hardware or speed. I believe computers will be as fast as they are in an ideal threats-free world.

Saying this, I believe you are talking about "how much is the security software slowing my computer". Actually, not so much or none (depending on the task). Most of the time you are only using a bit percentage of your CPU, your RAM... So in fact your PC is not behaving much slower with your AV turned on (or managing security).

You will only notice that your PC takes a little longer to achieve some tasks when it actually requires handling security and using the 100% or the CPU with the task.

So long story short: most of the time you won't notice your AV is up and running. But, I will give you that it will be a much user-friendly software (no logins at startup, no backups, no checking for updates...)

kiBytes
  • 3,470
  • 17
  • 26
  • You still need logins at startup for customized user environments, backups for natural disaster recovery, and updates for non-security bug fixes. – Iszi Mar 03 '14 at 17:59
  • Yeah, yes of course, I am talking only about these times you use those only for security concerns. – kiBytes Mar 03 '14 at 18:03
  • @Iszi but no passwords for those logins. – ike Mar 03 '14 at 18:13