Given how a lot of recent vulnerabilities have to do with symmetric multithreading, the world would be a lot safer if all your systems only used a single core:
What it does
It disables every single core but the first one, cpu0.
Why it works
The Linux kernel allows you to enable/disable cores on demand using files under
- Some twisted kind of mitigation for Intel® bugs.