New
#1
Do we know the actual risk of Meltdown and Spectre?
There has been a lot discussion about Meltdown and Spectre on this forum and others, but I'm still confused. And I have 2 computers, and possibly 3, that are old enough that no BIOS remedy will be forthcoming so I'm going to be vulnerable to Spectre for the foreseeable future. But how vulnerable is that? I realize that no AV product is going to have AV signatures of malware exploiting Spectre until such programs are discovered and reported, and I've heard that there is no obvious identifying characteristic of programs exploiting the vulnerabilities.
On the other hand, common web hygiene will be just as good at preventing infection by Meltdown and Spectre exploiters as it is for any other malware, won't it? Somewhere I read that the most likely route for exploitation is via browsers. Is there any truth to that? Some common browsers (such as Firefox) have already released fixes.
Bottom line: how dangerous is it to run computers that will not have BIOS fixes?