With the software fixes for the Spectre and Meltdown chip vulnerabilities slowing servers down by unacceptable amounts, a hardware fix is clearly what is needed, and Intel’s boss says one is coming this year.
Intel CEO Brian Krzanich told analysts during the company’s Q4 2017 earnings call earlier this week that “silicon-based” fixes for Spectre and Meltdown would arrive by the end of 2018. Intel has several launches set for this year and he did not specify which.
“We’re working to incorporate silicon-based changed to future products that will directly address the Spectre and Meltdown threats in hardware. And those products will begin appearing later this year,” were his exact words.
Intel has a new generation of desktop and mobile processors, called Coffee Lake, set for release early this year. Other than a high-end enthusiast part called Cascade Lake-X and a low-end Xeon called the Xeon D, which is used in small servers and desktops, there isn’t much that’s known.
Addressing the legality of what happened
Krzanich also, in an oblique way, addressed a point made by Linus Torvalds regarding the legality of what has happened.
“I’m sure there is some lawyer out there who says, ‘We’ll have to go through motions to protect against a lawsuit.’ But legal reasons do not make for good technology, or good patches that I should apply,” Torvalds wrote in a leaked email harshly critical of Intel.
In a carefully worded response, Krzanich said, “These circumstances are highly dynamic, and we updated our risk factors to reflect both the evolving nature of these specific threats and litigation as well, as the security challenge more broadly.”
“To keep you informed, we’ve created a dedicated website, and we’re approaching this work with customer-first urgency. I’ve assigned some of the very best minds at Intel to work through this, and we’re making progress,” he added.
Of course, those very best minds also issued BIOS fixes for Meltdown and Spectre that cause performance impacts and random reboots that were so bad Intel and its OEM partners had to take them down. So, Intel has something to prove here.
And even with fixes in the new processors, it still doesn’t address the millions of legacy chips that have the problem. Let’s say that new Xeons ship this year with Meltdown and Spectre fixes. That means millions of deployed servers are still in the field, and they will be there for many years. So, software fixes have to be an imperative.