Meltdown and Spectre are two new computer exploits that are based upon how modern computer chips work. In order to run as fast as possible, computer chips make decisions on how the program may work before it actually gets to the instructions that are going to decide where to go. It is similar to making a film of a trip before you take it, and if you do not go where the filmmaker thinks you are going, the film has to be discarded and not shown to you. In Meltdown, sometimes you can see the film that you should not see. Meltdown is thought to be exclusively an Intel problem. Microsoft and Intel are putting out fixes for Meltdown; however, Intel is only, at this writing, planning to fix the microcode that controls the chip on CPUs that are less than five years old.
There are two major Meltdown issues. First, the fix will slow down programs, as no one knows for sure how much the slowdown will be. Estimates are from 5% to 30%. The worst slowdowns will be for servers that control large data centers and the cloud. Second, what about older processors. For example, I run some Intel I7 chips that are seven years old, yet are still very fast. Am I at risk?
Spectre is a more pervasive problem. It again is at the guts of all modern processors; Intel, AMD and others. There are no known Spectre or Meltdown exploits yet but, again, no one knows. There are also no complete fixes for Spectre yet. So, what should the average user do? I would recommend that the operating system should be kept up to date, and the users should follow the suggestions as they come out. The local Computer Booters club will be watching this situation very closely.
Allan Levy is the Technical Director of the Computer Booters and is a retired staff scientist.