another man's ramblings on code and tech

Remembering Meltdown and Spectre

Ahh, we’re already almost halfway into 2019. How time flies. Thinking about last year made me remember, that around this time, we had just received poorly performing OS patches for Spectre and Meltdown. At the time that the patches hit my desktop machine I recall Firefox slowed a little more than usual, Chrome didn’t seem affected at all, and my resource drain space simulator games got a little more stuttered than usual. No real major impacts, but noticeable in certain cases. When the Chrome patches came in, however, I did notice my Chromebook came to a dead crawl. It used to be able to handle lots of tabs and Android apps running at once. After the first patches, it could barely handle a few tabs open with the Android Spotify app running in the background. This is also when my girlfriend started mentioning her Surface book was way slower than normal. I realized her main use cases, as a writer, involved having a bunch of Word documents, powerpoints, and hundreds of research tabs open in Chrome; one of the worse performing cases down almost %12 according to PC World.

I mention this because it was one of the first times my work in performance has actually crossed over into the real world of useful knowledge for my girlfriend. Generally, she’s not interested in explanations of how memory works on a computer or caching or much of the things I’ve picked up at work, which is totally fine. This time, though, I had an awesome reason to explain Meltdown and Spectre, which she actually was interested in because of its effect on her main PC. I think it’s a good indicator of how widespread and impacting these vulnerabilities were. Even people totally disconnected from the software world were getting impacted in stark ways in their day to day use.

So, now that we’re well into the new year, let us be thankful that we’ve survived the first few rounds of patches. Neither Meltdown or Spectre is really totally fixed right now, with some talking about re-architecting CPU design from bottom up, while others discuss predictive compilers than can prevent vulnerable code paths in the first place. In either case, there was one silver lining for me with this; I got to connect with someone I normally can’t on computers, performance, and exploits. At least it had that going for it.

Date: May 02 2019