Google fix for Meltdown & Specter - small impact, good fix

  • Thread starter Thread starter jim mcnamara
  • Start date Start date
  • Tags Tags
    Google Impact
Click For Summary

Discussion Overview

The discussion revolves around Google's fix for the Meltdown and Spectre vulnerabilities, specifically focusing on the effectiveness and implications of the Retpoline technique. Participants explore the technical details, user impact, and the necessary updates for operating systems and applications.

Discussion Character

  • Technical explanation, Debate/contested, Conceptual clarification

Main Points Raised

  • One participant references a technical article stating that Google has implemented a fix with minimal performance degradation for the 'Variant 2' attack prevention.
  • Another participant inquires about the implications for users, specifically regarding OS updates and performance expectations.
  • A third participant highlights that users will need to wait for programs and operating systems to be recompiled or patched to receive the fix, noting the primary impact on cloud servers.
  • One participant expresses strong dissatisfaction with the changes required in compilers to accommodate the fix.

Areas of Agreement / Disagreement

Participants express varying opinions on the implications of the fix, with some acknowledging its effectiveness while others criticize the necessary changes to compilers. There is no consensus on the overall impact on users or the implementation timeline.

Contextual Notes

Participants mention the need for recompilation and patching of software, indicating potential delays in user access to the fix. The discussion reflects uncertainty about the performance impact and the timeline for updates.

Who May Find This Useful

Individuals interested in cybersecurity, software development, and operating system updates may find this discussion relevant.

jim mcnamara
Mentor
Messages
4,789
Reaction score
3,852
This is the technical article:
https://support.google.com/faqs/answer/7625886

Please do not ask me for an executive summary. I fail Summary 101 repeatedly. Just ask my family.

Google fixed the problems and has run extensive tests since September. They found little performance degradation for the 'Variant 2' attack prevention that everyone seems to complaining/worrying about. Their Retpoline change seems to work well. In other words the doomsayers just lost what they were moaning about. The fix is free, as in no cost. Unless you program and develop code you cannot really use it.

You may see pop science articles about "Retpoline" - Return + Trampoline = "retpoline"
A trampoline is an inline function (a self contained function inside another larger function) in computer code, the return(machine specific low-level) statement means end what you are doing immediately, and go back (return) to where you came from. Kind of like the Monopoly game's: "Go directly to jail, do not pass go".

I cannot explain this any better for non-computer programmers, pop science articles may get it right accidentally. Someone else here can do better than I can.
 
Computer science news on Phys.org
It sounds good. Can you explain what it means to us users? Can we expect an OS update that will fix the problem with no performance degradation? Any idea how long it will take to implement?
 
Popular article: http://www.zdnet.com/article/google...ges-performance-hit-so-you-should-all-use-it/

It means you have to wait for programs to be recompiled or patched, this includes the OS. Then you get it via Windows update, or for Linux via apt get, yum or whatever program your distribution uses to update software. The main impact is for cloud servers handling all those gigantic baby picture graphics files that people post and then store in the cloud. File I/O is the main point of performance impact for Variant 2 -- all the other proposed fixes - Microsoft & Intel included.

All of us users now wait for a fix.
 
It's disgusting. Compilers will need to be mutilated to generate that atrocity.
 

Similar threads

Challenge: Find the minimum amount of draws possible for a list of integers
  • · Replies 9 ·
Replies
9
Views
3K
Computer languages tend to be transient
  • · Replies 44 ·
2
Replies
44
Views
6K
I am getting an error Import "_frozen_importlib" could not be resolved
  • · Replies 5 ·
Replies
5
Views
16K
Python How Can I Fix the IndexError in My 2D Ising Model Simulation?
  • · Replies 6 ·
Replies
6
Views
6K
Current and Future AI Threats to Humanity and the Human Response
  • · Replies 10 ·
Replies
10
Views
5K
Fixed Point iteration using matlab, whats wrong with my code?
  • · Replies 2 ·
Replies
2
Views
11K
Programs Broad Interest and Environmental Focus
  • · Replies 1 ·
Replies
1
Views
1K
Home Repair & Maintenance Advice for Newbie?
  • · Replies 11 ·
Replies
11
Views
4K
How do deviations from classical logic impact computation?
  • · Replies 3 ·
Replies
3
Views
4K
Math What are the challenges faced by disillusioned math majors in finding a job?
  • · Replies 127 ·
5
Replies
127
Views
23K