Intel updates performance impact of SPECTRE and MELTDOWN fixes

Intel is continuing to measure and evaluate the performance impact of their own firmware changes to address the SPECTRE and MELTDOWN exploits. Click on the chart to view the results in full size.

The chart shows Intel’s measurements for certain 6th, 7th and 8th generation Intel processors. The measurements are made using standard “benchmarket” tests that simulate specific usage scenarios. Consequently, these are measurements of performance impacts to these benchmark tests, which may not represent how we use our own computers.

Source: Intel Security Issue Update: Initial Performance Data Results for Client Systems

Separately, Google says they managed to upgrade their cloud servers with their own fixes that had negligible impacts.

While AMD processors appear to not be impacted by the MELTDOWN exploit, AMD did announce that one of the variants of SPECTRE does impact the AMD processors.

This suggests that over the weeks and months to come, future updates may appear that fix new variations of the exploits but also improve performance as better solutions are identified.

The SPECTRE and MELTDOWN research papers

Here is some additional background information about how the SPECTRE and MELTDOWN exploits were discovered, plus a link to the research papers that describe the exploits in detail. The news media inappropriately, albeit understandably, referred to these as “Intel CPU” bugs or defects but they are not specific to Intel nor are they defects.

The exploits take advantage of a basic feature of pipelined architecture CPUs, which is all  high end CPUs now. You can read the research papers that explain the problem in detail at https://spectreattack.com/. Members of Google’s Project Zero Group found the problem; they are continuously doing research seeking new security vulnerabilities. Read their papers if interested in the super details of these security exploits.

The exploit is due to pipelined architecture and speculative and out of order execution, items that have been incorporated into personal computer CPUs for over two decades, to improve performance (make programs run faster).

Understanding the SPECTRE and MELTDOWN papers, at the link, does require an understanding of system and processor architecture.This is a very technical subject and we would not expect most new App Inventor programmers to understand such topics! That said, computer architecture is a fascinating subject if you wish to dive in at some point.

In a future video I hope to introduce computer and processor architecture to help you  understand the issues to see how this problem evolved – and how the exploit is not very obvious either.

I do think this is a big deal for server farms, but, after patches to OS, apps and firmware, probably not a huge deal to most of us running our personal computers.

Many videos demonstrating benchmark performance before and after patching have been posted on Youtube. I just watched one that tested before and then after installing both  Intel firmware patches and the Windows 10 updates and they found negligible performance change across a broad set of benchmarks – except for one test of 4K READ blocks from SSD disk (I think it was).

My current view is most of us will not see noticeable changes but that there are some scenarios, and specifically some server scenarios that may see significant performance issues. As with any other security vulnerability that is discovered, it is important to keep current with software updates, including Android, iOS, Windows, Linux and Mac OS X, plus app updates and so forth.