2018-02-26
Meltdown and Spectre have made this a bad time to get a new x86 CPU
Despite reasonably solid plans, I still don't have a new home machine and in fact I probably won't get one for some time (even with my recent scare). Instead I'm likely to prolong the life of my current machine from 2011 at least a year longer than I was expecting. By far the largest reason for my delay is that it's currently a bad time to get a new x86 CPU, due to Meltdown and Spectre and the general class of security attacks that they've created. More specifically, for me it's due to the uncertainty about effective future CPU performance they've created.
All current x86 CPUs are vulnerable to at least some of the known Spectre attacks, and all current Intel CPUs are vulnerable to Meltdown (AMDs are believed not vulnerable to current attacks). Mitigating the current attacks costs performance, sometimes significant amounts of it, sometimes perhaps less. In addition there seems very likely to be additional speculative execution attacks discovered in the future (some may already have been found) that will require their own additional workarounds, with their own performance penalties. In short, things are only going to get worse for current CPUs.
There are least two options for what happens from here and I don't think we know which one it's going to be. The first option is that there will be good mitigations that are easy to roll into new CPUs almost immediately. Within a CPU refresh iteration or two, new CPUs could be much better at dealing with speculative execution attacks, with clearly cheaper mitigations required from software.
(This seems especially likely to happen with Intel CPUs and Meltdown, given that AMDs sidestep it entirely.)
The second option is that we're not going to get real CPU fixes for these issues for at least one major CPU generation, because small tweaks and changes won't be enough to do more than make things hurt a bit less. Discovering all the problems takes time; redesigning various bits of speculative execution hardware takes more time. In the Intel world, we might not get this until the end of 2018 with Ice Lake, or even later with Tiger Lake. This is especially possible if the first round of hardware mitigations turn out to be not enough, perhaps because people keep coming up with new attack variants that need new hardware mitigations.
If CPUs will get good mitigations in the next generation of product announcements, buying a CPU now gives you basically a lemon; soon you'll be able to get CPUs with meaningful effective performance increases because they won't need as many expensive mitigations. If CPUs won't get good mitigations until, say, the third quarter of 2019, we're probably pretty much in the usual situation with CPU performance increases; if you want a few years, you always get more (for some workloads). If the timeline is somewhere in the middle, I don't know; presumably it depends on how much you need the performance you can get with a new current CPU and system over what you have now.
(This also depends on what system lifetime you expect. If you live on the bleeding edge and discard systems after a year or two anyway, your calculations are a lot different than someone who's aiming for a five or six year lifetime.)
However, I have to admit that part of my reaction is emotional. I just don't want to buy a product that I know is flawed, and all current CPUs are flawed (in theory Intel more than AMD, but in practice AMD Ryzens and Linux are a bad combination). Rationally perhaps I should just go ahead and buy my planned machine now and just live with any performance impact (if I care, I can turn the mitigations off reasonably safely). But the mere idea of giving Intel money in this situation irritates me.
(Maybe for once I'll do a sensible, rational thing, especially with what may be a slowly dying home machine, but don't hold your breath.)
It feels good to have a fallback option for home computing
Earlier this evening, I had a close call with my now increasingly aged home machine; the fan noise went to 'very loud' and the CPU temperature started climbing. After I hastily shut it down and blew out all of the dust, I was able to determine that the actual problem was a dying case fan, which has a simple workaround (just take the side of the case off). Until I worked this out, though, I was facing the prospect that my home machine might be effectively dead for a while. Unlike last time, this was a lot less distressing and nerve wracking, because these days I have a fallback option for home computing.
My PC remains my sole actual machine at home (I still haven't done anything about replacing it for reasons that deserve an entry of their own), but over the past while I've made two important changes that give me an additional option. The first change was that I have a smartphone that can provide Internet access when my main Internet connection is out. The second is that this fall I got a tablet (from the company you'd expect), and more than that, when I got it I was smart enough to talk myself into getting the keyboard for it. The tablet lets me browse around on the Internet, and with the keyboard and a SSH client I can actually do meaningful remote work. It's not anywhere near as nice as my actual desktop for various reasons, but I can get by, and knowing that I wasn't helpless in the face of a dead desktop was a real relief when I was facing the prospect that that's what I had.
(Unfortunately my Internet goes out when my home PC does, because it's where I do DSL PPPoE. In theory I could probably reconfigure my 'DSL modem' to do it, because it's really a DSL router that I'm having act as a bridge, but it looks like I can't do this from the tablet for no readily apparent reason. It may be an inconvenient security feature that my DSL router refuses to let itself be reconfigured over the wireless interface.)
The tablet is not as nice as my work laptop and if I was going to be without my home desktop for any significant length of time I would definitely be taking the laptop home with me, but it is good enough to be okay to good over the short term. Also, being confined to the tablet probably would have the useful side effect of encouraging me to get off the Internet for once.
PS: As an experiment, I've written much of this entry from my tablet to demonstrate to myself that I could and that it wasn't too irritating (and to work out how to do it). It is irritating and limiting enough that I'm not going to do it unless I have to.
PPS: The two worst things about the keyboard are that it has no physical escape key and that I don't think I can remap the mostly useless 'caps lock' key to be a Control key. At least my SSH client uses Cmd + ` as Escape, which is not too far from actual Esc. As far as the feel goes, it's okay but it's not up to a real keyboard.
(This is not the entry that I planned to write today, but sometimes life intervenes and suddenly this issue is on my mind.)
Sidebar: What I'll likely do with my home PC
I don't like running with the side of my case off for various reasons, so I want to replace the dying case fan. My motherboard supports PWM case fans so that's what I'm planning to get (the current fan is not hooked up to the motherboard at all, just directly wired to power). Someone I know online has basically persuaded me to probably replace the CPU fan too, although that's more annoying and also more expensive if I get a good CPU cooler. I could get a basic 120 mm case fan and a basic LGA1155 CPU cooler at one of the local hardware stores, but if I want good ones (from, say, Noctua), I'll have to order them online and wait a bit.
On the one hand, a good new fan and CPU cooler should help prolong the life of my home machine, since the current ones are more than five years old. On the other hand, that will tacitly encourage me to continue sitting on my hands about replacing the whole machine, partly because it won't feel as urgent and partly because I will get the irrational urge to keep using the current machine to get my money's worth from the new parts.
(Probably I will throw money at the problem in irritation and get, say, the Noctua NF-S12A or NF-P12 120 mm case fan and a Noctua L12S CPU cooler.)