Am I the only who doesn't notice any slowdowns with the mitigations enabled?

Is it just me or does it almost seem like Intel was doing things on the cheap? Instead of paying for the expensive R&D to shrink the die, they focused on cheap, exploitable workarounds and now are being found out. By the time all of the exploits are discovered and plugged, Intel chips may not be any faster than AMD is now at the same die size.

The slowdowns are really only going to be noticeable on heavy loads. If you never max out your cores, your day to day experiences will have a negligible impact. To my understanding, this is especially true if your tasks don't need HT.

Well yeah of course. As far as I can tell, Intel is ready for a new architecture so they probably don't feel like spending the money revamping this aging one. It's faster, easier, and cheaper to just do software and microcode changes than it is to change the architecture. Your point about AMD being roughly the same speed is, to me, no coincidence. It wouldn't surprise me if AMD is showing what the true performance potential is when accounting for proper security. It seems every other month the IPC gap vs AMD is getting narrower and narrower, where at this point the only lead Intel has is lower latency and higher achievable clocks.

I agree in principle. AMD has done a better job in keeping their processors in spec without some of the wackiness Intel's have exhibited. But that only goes to a certain point, because AMD has also suffered Spectre related issues and we don't know the full extent of their problems because research has largely been centered on Intel. Whether that's just because Intel's hardware is more available, or there's some other kind of bias is speculatory. I agree here that when Intel has been informed of problems the responsible thing is to inform customers right away so customers don't spend new money on broken hardware till there's a real fix.

Where I tend to disagree is for those who were paying attention, it was already known that shared resource computing was more than a theoretical risk. For the past several years there's been research into timing side channel attacks revealing various weaknesses in Intel's HyperThreading implementation that result in information leakage. How about the IME (and probably AMD PSP) vulnerabilities and exploits? There's the baseband module attacks that are actively under exploit. TPM also has it's own weaknesses that can be exploited

There's a lot of hype around speculative execution flaws, but to say that people would have chose otherwise if they knew (when it's clear "they" are still purchasing Intel hardware even now with disclosure of Spectre, Meltdown, LTSB, IME exploits, etc already exposed) is a bit naive. Security doesn't sell to the general public, and it pretty much doesn't sell to corporations when the price of security is more than the cost of liability. Those that "would have spent more on security" already did. They're using mainframes and other more secure platforms.

The only way to fix the problem in the general computing sector for the rest of us is to make the price of liability of breach significantly higher than the cost of a (more) secure infrastructure. That will require government intervention.

Did you just call intel CPUs cheaps? I somehow cant agree if so.

Belief based security model? That's a new one.

OK, I'm not a security nerd, so I'm only concerned with: What year will Intel ship a CPU that has all these metro/sectre/gay/spoiler/alert/whatever vulnerabilities fixed once and for all?

2038.

Also called "titanic".

Although technically as long as they stay on Linux they are completely fine even if they run as root and install random crap from the internet.

Soon (tm)