Microsoft Surface Book 2 comes with quad-core for the first time. It's based on Intel's Kaby Lake... [+]
[UPDATE] We're getting a slightly clearer picture of the performance hits on PCs from the Spectre/Meltdown vulnerability patches.
First things first: see this great explanation of Spectre/Meltdown. Great because it's brief but informative. And another here. And Apple gives a slightly longer but excellent explanation too.
Here's an overly-simplistic explanation: the vulnerabilities allow programs to steal data by reading data from other programs (which is typically not permitted). So, a malicious program can exploit Meltdown and Spectre to get hold of sensitive data -- such as personal financial information -- stored in the memory.
These attacks affect browsers where malicious JavaScript deployed through a webpage or advertisement could access information, according to Microsoft's explanation.
Gaming in the cloud takes a hit: Epic Games gives us one of the best illustrations of the havoc the patches are wreaking on the cloud in its "Services & Stability Update" for its Fortnite game, which runs on Windows, among other platforms. (Epic Games reference first appeared in Ars Technica, among other places)
All of our cloud services are affected by updates required to mitigate the Meltdown vulnerability. We heavily rely on cloud services to run our back-end and we may experience further service issues due to ongoing updates.
The following chart shows the significant impact on CPU usage of one of our back-end services after a host was patched to address the Meltdown vulnerability.
--Epic Services & Stability Update, January 5, 2018
Windows PCs take a hit in some operations: The next bit of testing comes from PC World's Gordon Mah Ung who saw storage throughput slowdowns on his Surface Book after he installed the firmware patches.
The sequential read and write performance doesn’t change much...But...4K performance ain’t pretty. While 4K read performance was similar, the write performance dropped by 26 percent.
Far worse, though, 4K read and write with high queue depth take a performance hit of 42 percent and 39 percent, respectively. Ouch.
--PC World, "Here's how much the Meltdown and Spectre fix hurt my Surface Book performance" January 13, 2018
He adds further down in the article that it's not clear if it's as bad "as the synthetic storage benchmarks make it out to be...We’re still very early in testing the patches, but it’s safe to assume that performance drops will be dependent on what you actually do with your machine."
I exchanged emails with Gordan Ung. I wanted to know how this might affect older Intel-based systems (e.g., laptops running Haswell or Broadwell processors) but there isn't a lot of real-world data on that. (Also see: Techspot "Patched Desktop PC: Meltdown & Spectre Benchmarked")
He said we should have a better idea when there's more widespread testing, adding: "This will go on for months if not years."
Breaking down performance hits: And for gaming on the client side (i.e., your laptop or desktop PC -- not the cloud) PC Gamer said the "good news for gamers is that Intel doesn't expect the security updates to do much damage."
The gaming pub went on to cite an Intel comment that "workloads that are graphics-intensive like gaming or compute-intensive like financial analysis see minimal impact."
An excerpt of Intel's comments below is as follows (the takeaway is that, the older the Intel chip architecture, the more of an impact the patches can have):
The performance impact of the mitigation on 8th generation platforms (Kaby Lake, Coffee Lake) with SSDs is small...the expected impact is less than 6 percent. In certain cases, some users may see a more noticeable impact. For instance, users who use web applications that involve complex JavaScript operations may see a somewhat higher impact....
Our measurements of the impact on the 7th Gen Kaby Lake-H performance mobile platform are similar to the 8th generation platforms (approximately 7 percent on the SYSMark2014SE benchmark).
For the 6th generation Skylake-S platform, our measurements show the performance impact is slightly higher, but generally in line with the observations on 8th and 7th generation platforms (approximately 8 percent on the SYSMark2014SE benchmark).
We have also measured performance on the same platform with Windows 7, a common configuration in the installed base, especially in office environments. The observed impact is small (approximately 6 percent on the SYSMark2014SE benchmark). Observed impact is even lower on systems with HDDs.
--Navin Shenoy, Intel, January 10, 2018 (see full Intel statement)
See this Intel PDF chart of benchmarks
Microsoft makes a similar statement in the post "Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems under the subheading "Performance."
Frequent reboots issue: while not related to performance specifically, Intel, in a blog post, said that both Haswell (circa 2013 chip microarchitecture) and newer Broadwell systems (Broadwell followed Haswell; Broadwell is a so-called "die shrink" of the Haswell microarchitecture) have add issues with "higher reboots."
Intel said: "We have received reports from a few customers of higher system reboots after applying firmware updates. Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center."
Fixes/Mitigation: Mitigation "includes firmware updates from device manufacturers and, in some cases, updates to your antivirus software as well," according to Microsoft.
--Software: On Wednesday January 3 Microsoft issued the January 2018 Windows operating system security update.
Microsoft goes on to say that Antivirus updates should be installed first. Then make sure Windows automatic updates is turned on. (If automatic updates is turned on, the updates will be automatically installed.)
--Hardware: install hardware (firmware) updates from your PC manufacturer. You may need to proactively check with the device manufacturer for updates. That is, it could require going to a device driver update page on the manufacturer's website.
