I think Linus' comments are justified because this isn't exactly a recently discovered issue, All the ones that knew didn't speak much about it and yet Intel still released 8th gen without a possible fix.

Specific-designed benchmark could show 50% performance loss.
Some Real World tasks could show 40% performance loss.

Average performance loss is around 5%.
Most people would not even notice it.

My Linux machine is running kernel 4.14.12, with KPTI patch enabled.
I personal can not feel any difference in daily works.

I don't know Torvalds so I can't speak at all as to his character, but I think when it comes the occasional press pickup of the flavour of the month Torvalds tirade, we're getting close to celebrating being an asshole. Sometimes the mailing lists seem like an asshacracy. I bet Torvalds puts on full terminator armor when he goes to post one of these things and has a literally battle scarred keyboard.

I can't remember reading anything he wrote that didn't have smarmy dick factoring as a major component of it. Don't mistake this as a defense of a giant mega-corporation with verified anti-competitive actions under its belt.

That Innernet thingy is bound to catch on one of these days...

----

Have there been any real-world damages (beyond the nerfing) from Spectre and Meltdown attacks? Meaning, has anyone actually used these exploits to mess up someone's PC? Or is all of the harm coming from finding the exploit and then fixing it?

I haven't really heard anything about any confirmed incidents of the bug being used. The bug, however, is really hard to log for, so there is less chance of it being known about if it did get used against somebody.

The Olympic shot-putter?

This whole exploit/design flaw only allows attackers to read the system's memory, but it doesn't give them the ability ( at least not directly ) to make any changes to the system, correct? I mean, they can spy on people's passwords etc., but they can't erase files, or install harmful software using this technique... ? Unless they use the passwords and other data they find to gain further access to a computer system. Does that sound about right?

The joke's on them - I don't use any passwords.

Pretty much. They aren't a vulnerability as a means to compromise a system, corrupt files, or execute code. However, once bad software is running on a system, they are means for that software to snoop quite effectively, even well outside of its privilege level. It could get the most secret and important of information on the computer without actually having had to have gained that level of control.

In the case of virtual machines, they could even allow a program running in one to snoop on things in another, outside of its own virtual machine. This particular effect was mainly specific to Spectre but Meltdown could work on at least one virtualization implementation.

This is mainly an enterprise threat, but when javascript on webpages can steal your passwords, it's still really bad for users.

that's because you only read the occasional rant from him every few months that makes the internet news.
all the normal day to day interaction that goes on in the linux development circles doesn't make it into the news.
you can't keep a project with the size of the linux kernel running smoothly if you are just an asshole all the time.

What the hell happened to my links in the OP???? Godammit I know I had those links.

WTF did I screw up now? Damn it's gonna be hard finding those again. Thought I could come here and click on the links in my post but nooooooooooooooooooooooooo,,, there's only one link and it takes me to the damned GOG General Forums page.

Jeebus I really could screw up a one car parade.

I can't do it. I'm not smart enough, and when i have problems there's no one here to help. I do bad enough with Windows (which is easy). No way I could handle Linux. Wish i could. Or wish someone was here that could help. But like my late Uncle Sandy used to say.... "Wish in one hand and shit in the other and see which one gets filled."

A quick google brought up this as the first hit (there are tons of others): https://gizmodo.com/linus-torvalds-is-not-happy-about-intels-meltdown-and-s-1821845198

*edit* NM, I see you got the links fixed.