7 Spectre/Meltdown Symptoms That Might Be Under Your Radar
The Spectre/Meltdown pair has a set of major effects on computing but there are impacts on the organization that IT leaders might not have considered in the face of the immediate problem.
March 20, 2018
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt0aaa117ed11df9c8/64f0d65b44491b5127abe2ce/Image_1.jpg?width=700&auto=webp&quality=80&disable=upscale)
null
Feature Delay
The nature of the Meltdown/Spectre combination means that there aren't any apps or services that can be coded so well that they're immune. And the fixes that have come from Intel, so far, impose a performance penalty that ranges from significant to "wow."
As a result of the performance hit that comes from security (a performance hit that can be as much as 54% for certain functions), companies may hold off on some of the newer features and functions that depend on the kind of unfettered CPU cycles that seem set to go on forever. Instead, software development resources can be focused on boosting application performance on the newly limited CPUs.
It's hoped that full attention can go back to CPU-intensive features when the issue is resolved in a future generation of CPUs, but until then, don't be surprised if the march to fuller feature sets is delayed by the rising waters of Meltdown and Spectre.
(Image: aitoff, via Pixabay)
More Expensive Clouds
Cloud computing service are, like almost every other large-scale computing business, based on huge datacenters sized according to careful estimates of future CPU, storage, networking, and other resource requirements. Now, the CPU performance penalty of the Meltdown/Spectre fix (20% or more for some cloud servers) has thrown those CPU estimates into a cocked hat.
Overcoming the CPU performance deficit means one of two things: customer population can be limited so that each customer has access to more CPU cycles, or more (defective) CPUs can be purchased. Either way, there's an inevitable impact on the customers.
Whether the resource is more limited or it costs more to provide the resource, the dismal science of economics says that the price is going to rise. All of this could well mean that the "race to the bottom" in cloud pricing is put on hold until the CPU situation stabilizes.
(Image: Orfoto via Pixabay)
Manufacturer Suspicions
"Trust" is a word with many levels of meaning in business IT, but one of them is quite straightforward: When a company purchases a product, it trusts that the product will work and work safely. That trust has taken a huge hit in the Meltdown/Spectre debacle.
Even manufacturers and vendors with generally superb reputations for high-quality products will now be looked at more closely because the market knows that no company is immune from problems. The suspicion is likely to lengthen sales cycles, change the tenor of sales meetings, and lead to more insistence on detailed indemnity and quality of service provisions in contracts.
(Image: kalhh, via Pixabay)
AMD Scrutiny
In the initial aftermath of the Meltdown/Spectre announcement, it seemed as if AMD might benefit because of its presumed immunity from the problem. While AMD chips aren't problem free, some say that recent reports of AMD issues are overblown.
Regardless of their individual validity, the new reports do show that a heightened scrutiny of Intel security is going to bleed over to include AMD, as well. There are some who prefer Athlon and Ryzen CPUs and some who avoid them, but every AMD CPU is now going to be looked at as carefully as anything coming out of an Intel foundry.
(Image: PublicDomainPictures, via Pixabay)
Refresh Cycle Crashes
Companies know that computers age, that technology progresses, and that new systems must be purchased for datacenters and for end users. Companies also like to plan. That has led to the "refresh cycle" through which companies could plan on buying a new round of computers every four or five years, like clockwork. Meltdown and Spectre broke the clock.
Companies around the world know that they have defective CPUs sitting in their computers. They also know that, if they replace those computers right now, they'll replace them with computers containing defective CPUs. Many companies will choose to delay purchases until a CPU fix is in place rather than buying computers with a known issue.
A delay in the refresh cycle, if enough companies adopt the strategy, could have impact across the industry. Don't be surprised to see "the sky is falling" news reports about a weak computer industry and related temporary sales on current-generation systems. But be prepared for the other shoe to drop when a new, non-affected, CPU is available.
(Image: StarFlames, via Pixabay)
Component Shortages to Come
Remember how we were talking about companies delaying purchases because of Spectre/Meltdown? Well, at some point, either the problem will be fixed or companies will decide that they simply must have new systems. If the new purchases come courtesy of a fixed CPU, then it's likely that an awful lot of companies will be buying around the same time - and that's likely to result in shortages of CPUs and just about every other component that goes into a server or PC.
If prices go up because of the component shortages (and they will) it's bad enough, but the industry is also likely to see delayed delivery times, meaning that datacenters and end users that have waited for new, defect-free systems will have to wait a little longer. Cue the heavy sighs.
(Image: SilviaP_Design, via Pixabay)
Budget Be Gone
When you add up a busted refresh cycle, longer sales cycles, new cloud service economics, and a set of possible component shortages, what you have is a formula for budgets that don't make sense. The longer the time horizon on the budget forecasts, the more likely it is that the numbers will need serious adjustment, but even year-to-year budgets may face major re-writes.
The thing is, budgets aren't written in anticipation of the kind of problem Spectre and Meltdown represent. In the same way that passenger shipping budgets didn't really account for the Titanic, hardware and software budgets assumed the best (or at least, something besides the worst) from foundation vendors. What they got was Meltdown.
All of the issues listed in this article can be handled, but it will be better to handle them proactively than to wait for them to cause problems. How many have you begun to prepare for? Which effects did we miss in our list? Let us know in the comments -- we're prepared for the discussion.
(Image: cocoparisienne, via Pixabay)
Budget Be Gone
When you add up a busted refresh cycle, longer sales cycles, new cloud service economics, and a set of possible component shortages, what you have is a formula for budgets that don't make sense. The longer the time horizon on the budget forecasts, the more likely it is that the numbers will need serious adjustment, but even year-to-year budgets may face major re-writes.
The thing is, budgets aren't written in anticipation of the kind of problem Spectre and Meltdown represent. In the same way that passenger shipping budgets didn't really account for the Titanic, hardware and software budgets assumed the best (or at least, something besides the worst) from foundation vendors. What they got was Meltdown.
All of the issues listed in this article can be handled, but it will be better to handle them proactively than to wait for them to cause problems. How many have you begun to prepare for? Which effects did we miss in our list? Let us know in the comments -- we're prepared for the discussion.
(Image: cocoparisienne, via Pixabay)
-
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024