OK, I run Linux on a 10 year old Intel processor equipped Dell CAD box, so I have to actually go do something to protect myself from Spectre and Meltdown. I am using Intel and I must be protected from Intel itself ......
Why do I have to do something ??? Simply because
Linux requires the user to control security settings. Linux does not allow itself to change your computer in any major fashion behind your back, ever. YOU run Linux, not vice versa.
Amount of time to do it, less than 30 seconds. Trouble to do it, copy a line of stuff to the Chrome Browser bar and hit enter, then flip the switch you see to green, then exit out of the stuff back to normal land.
Knowledge required to set that line of stuff up -- quite a lot I suspect -- but knowledge needed by the real end user is approaching zero. Copy, paste, enter, click once, exit.
What did I turn on? I enabled the new advanced sandboxing feature in my Chrome browser (and it was already sitting there, waiting on me to turn it on) the same sandboxing thing that has always existed in Chrome OS.
Yes, this is brand new thing of a month or so ago, part of the FOSS group efforts against Meltdown and Spectre. If you run Chrome browser on Windows, you have the same stuff available to you, or you will shortly when Microsoft gets around to including the capability to use it inside itself.
There are other smaller things that have been quietly done, inside Linux Mint and inside Chrome browser, that finish up the job by changing how long things can be kept in cache, but
I had to turn them on with my one little lighted box mouse click.
Chromebook users had NOTHING to do to fix anything, Google took care of it during an update over a month ago. Remember, Chromebook style ChromeOS isn't pure Linux, it is Google's read on what people really really want,
which is never to have to think about it or deal with it, ever, period.
What is the diff between my old Dell Optiplex Core Duo box and a Google Chromebook at this point in time, even if I had a total loss event? A new Chromebook could be physically gotten and I would get my world back instantly upon my first log-in should I have the machine stolen or physically destroyed.
Anything less than a physical destruction event or an outright theft is handled by a 5 minute Power Wash (an over the air reload of all ChromeOS systems and all your personal preferences).
Chromebooks still sits at the pinnacle of ease of use, that is simply what Google does with Chromebooks.
Anyone can live with a Chromebook ..... it is seriously that easy to use.
The Dell based Linux box would have to be rebuilt by layers, taking at least 4-6 hours of work by me, with the time spread out over the first week of use. Time to reformat a drive and install the Linux software and all the apps off a DVD would only be less than 1 hour of that, tweeking and tuning all the little stuff to look like mine would be the rest of the time.
Six hours of normal use later ........
I have not noticed any slowdown, but logically I am using some more memory (since each tab uses a separate chunk of memory now) and my sandboxes all get raked smooth every 15-30 seconds and then each sandbox gets re-loaded to make sure NOTHING remains still for any length of time to be vacuumed up by a malware
so I am taking up a little more processing time and and a little more memory doing normal things.
But I run a light fast Linux OS system on a 10 year old (obsolete) Dell engineering CAD box that has WAY WAY WAY more resources than are needed to run Linux, so I think I am plenty good to go.
I do detect a crisper response to tabbing and scrolling, so the new Chrome browser memory system seems to work well, possibly even better than before. I am not seeing the very occasional slow up/hang up any more when you got to clicking ahead of the browser loading something, either.
Dedicated sandbox memory has some side benefits, apparently.