‘Meltdown’ and ‘Spectre’ – a Brief Impact Assessment
Here’s a brief introduction into the Meltdown and Spectre
security issues, taken from www.meltdown.com
Meltdown and Spectre exploit critical vulnerabilities in
modern processors. These hardware vulnerabilities allow programs to steal data
which is currently processed on the computer. While programs are typically not permitted
to read data from other programs, a malicious program can exploit Meltdown and
Spectre to get hold of secrets stored in the memory of other running programs.
This might include your passwords stored in a password manager or browser, your
personal photos, emails, instant messages and even business-critical documents.
Meltdown and Spectre work on personal computers, mobile
devices, and in the cloud. Depending on the cloud provider’s infrastructure, it
might be possible to steal data from other customers.
Meltdown breaks the most fundamental isolation between
user applications and the operating system. This attack allows a program to
access the memory, and thus also the secrets, of other programs and the
If your computer has a vulnerable processor and runs an
unpatched operating system, it is not safe to work with sensitive information
without the chance of leaking the information. This applies both to personal
computers as well as cloud infrastructure.
Spectre breaks the isolation between different
applications. It allows an attacker to trick error-free programs, which follow
best practices, into leaking their secrets. In fact, the safety checks of said
best practices actually increase the attack surface and may make applications more
susceptible to Spectre
Spectre is harder to exploit than Meltdown, but it is
also harder to mitigate.
Fortunately for my Z170 based Windows 10 test system Microsoft
and Intel have released patches to counter the threat of Meltdown and Spectre. Applying
the patches involved updating to the latest release of Windows 10 and updating
to the latest BIOS (which also applied changes to the Intel Management Engine
I was recently made aware of the availability of the
InSpectre utility (credit the Facebook SSD NAS and Storage Discussion Group)
that you can run to check if your Windows system is vulnerable to Spectre and Meltdown.
Here is a screen shot of the result from running InSpectre on my patched
Desktop PC test system –
To assess the impact of Meltdown and Spectre patches upon
storage performance in my Windows 10 based test system, let’s have a look at
some Before patching and then After patching tests run on an Intel 750 400GB
NVMe SSD –
Synthetic Tests –
You can see that the Random 4K Queue Depth 1 results,
particularly the Writes, have fallen significantly and the overall score has
dropped by 109 points.
You can see a similar picture with the Anvil benchmark,
particularly a fall in the 4K Writes, and the overall score has fallen by
3332.82 points. Interestingly an increase in Seq 4MB read speed is apparent.
Crystal Disk Mark
Again, we can see a significant drop in 4K Read and Write
speeds and an increase in sequential read speeds is apparent.
The increase in read speeds for the larger IO sizes is most
apparent here but we do see a drop in write speeds.
Real World Tests
PCMark8 Storage Benchmark
Interestingly, you can see that for the Intel 750 there is
no significant change in the before and after PCMark8 results (indeed the
result has actually improved slightly).
Copy Movie to Intel 750
Copy Movie from Intel 750
Copy Game to Intel 750
Copy Game from Intel 750
Copy JPEGS to Intel 750
Copy JPEGS from Intel 750
You can see there isn’t any significant change in the real
world copy tests, but in most cases performance has got slightly worse.
So, it appears the synthetic benchmarks have been significantly
impacted but the real world tests have not. Rather crudely put, I understand
that the synthetic benchmarks spend a relatively large amount of time hanging
around waiting on the completion of IOs and this area of functionality is affected
by the Meltdown/Spectre patches, and hence why a drop in performance is
For storage enthusiasts (like me) this drop in synthetic
benchmark performance is frustrating, however I believe the majority of users
will not feel any adverse impact in their day to day operations.
It appears to me that the impact becomes much more apparent
in ultra high performance drives such as those based on the use of Intel’s
Optane storage technology. For example, my Optane 900P NVMe drive has dropped
from an Anvil overall score of 25,864.78 to 20,566.04. I plan to publish a
review of the Optane 900P 280GB drive in the near future.
I hear there is some hope that Intel and OS providers may
fix the patches’ impact on performance in the future – as a storage performance
enthusiast I hope so.
I realise this is only a brief assessment based on a very
limited sample but I hope it gives readers a feel for the impact.
In this review all of the Windows 10 based performance
results for the SX8200 were taken following the application of the Spectre and
Meltdown patches and in the product comparison charts the Intel 750 scores are
updated to the new post patching values. Please note that no Meltdown and
Spectre fixes have been applied to the OakGate Test Platform.
Now let’s head to the next page, to look at my approach
to testing Client SSDs…..