I like the way that TheRegister reports on these Spectre variants, pointing out that they've never been exploited in the wild, are only seen in the lab, and pointing out that for bad actors, there are always plenty of easier exploits and social engineering to employ to get at your uber-valuable data. Such as your pirated games. Your anime collection. Your favorite memes. All that super valuable stuff you are keeping on your Top Secret computer.

Nice try at dismissing the importance of people's data and their privacy, a fundamental human right. You're a good tool for the establishment. Keep at it.

What's the difference between this and the "SQUIP" vulnerability?

I am not dismissing your human right to sacrifice 39% of your CPU performance to keep your stolen copy of six seasons of Golden Girls free from prying eyes. Not at all - in fact, I think you should sacrifice even more performance. Why not 89%?

mitigations=off

Noice, my AMD E2-2000 (Bobcat, btver1) which I am typing from is not affected.

Will that still be valid and applicable for the new mitigations coming ?

as long as its not firmware based fixes, then yeah. if it is firmware based, don't update cpu firmware. avoid new bios updates and remove intel / amd ucode packages.

I think you are conflating a few entirely different concepts in your post by including a "social justice" comment like "a fundamental human right"

How you setup your computer is still entirely your choice; Linux gives you that choice. It's that simple.

The key fact that I think Andy's post was making is the lack of "in the wild" exploits for these issues. WIll there be exploits in the future? Maybe, then again, maybe not; none of us can predict the future (I think).

I look at code development like this as providing the end user with the option of "hardening the target"...and I think that having that choice is helpful.

As we have all seen with previous CPU attack vector mitigations, Linux coders tend to figure out the solutions first and then they refine them as best they can. The early Spectre and Meltdown attack vector solutions were like that but I think those solutions have been refined; I would have to check Michael's testing posts elsewhere on Phoronix to be certain.