I asked over on techspot how vulnerable we really are and this sums up what I really wanted to know..

Do you believe you will be targeted and infected?

- Meltdown has low prevalence and if you have safe habits, update your OS regularly and use a decent security soft; chances you get compromised are very low.
- Spectre is too complicated to setup, need physical access to your motherboard, you won't be hit by it.

If you are not hurry you can wait a bit before purchasing any cpu and wait fixed versions. However since the issue, actual cpu's prices went down a lot. .

It is your choice. " src="https://www.techspot.com/images/icons/new/prekesh-happy.png" alt="" />

I suspect network latency will still be orders of magnitude greater than the overhead of these patches on context switches (as the CPU swaps between user and kernel mode).

It not so much how much I/O happens but how many system calls a program makes to the OS that is a factor. Eg if some dumb program read/wrote (or sent/received) a large file one byte at-a-time then these patches would really hurt it's (already not very good) performance.

That's what I've been trying to say, the performance hit, on even home user PCs , will be greater than first revealed by Intel or Microsoft.  Yeah, we are told this is the way of the world, with hackers seemingly allowed to run rampant to do as they please, but does it really need to be this way?    Surely these big tech companies have the resources and know-how to to combat these threats even before they emerge... like be proactive so that users can be 100% safe in using the products they spend big money on.

According to what I read, Intel is now saying not to install the patches is has released as they cause more frequent reboots.  Intel is currently working with its partners to release updated patches since identifying the rebooting issue, so that may be why you've not yet received your microcode/BIOS update.

Intel: A major cock-up, so glad I went AMD for this new build.

I followed a link on 'Tom's Hardware' and the article had various benchmarks which suggests that many of AMD's Ryzen series beat similarly rated Intel performers.  Frankly, though, I don't much care about which manufacturer has the fastest CPUs.   I'm happy with what I've got and am looking forward to firing up this AMD beastie once I have all the bits n' pieces to make it  positively the best build I've ever done.

Maybe Intel wants to make patches opt-in instead of opt-out. Intel likely doesn't want new CPUs tested with patches because they will look bad compared to old CPUs that were tested without patches.

The question is if Intel can do something with the current Core design. As for Spectre all CPU vendors need to redesign silicon to avoid performance penalty from software workarounds.

It will take years before we have CPUs which are safe without performance-sucking patches.

I'm torn between "I don't care, I want max performance from my hardware" and "it's better to be safe than sorry".

Right now I don't think there are practical exploits that one has to be very concerned about, but I don't really know. Browsers should be patched against Spectre.

This is just a headache, no idea to think too much about this - it's just a bad situation. I guess we could call it a lose-lose situation.

i think chrome just got patched but you could have enabled a flag before.

and i think it's more like 20 years rather than 10? anything intel but itanium is vulnerable or some such. it's not just the google guy.. and they are building on someone else's research / speculation (last year or the year before i think. the kaiser stuff)