The Meltdown CPU hardware issue can be mitigated by software, although at a processing cost. (My own system is already patched against meltdown)
Spectre however, is a design flaw and although software can be effective in mitigating some of the issue, Spectre is something that planet earth will have to live with for the next few decades.
Spectre is going to change the way you do things. If you do not change the way you work: your passwords will be stolen, you will have issues and you will become part of a botnet.
Some mitigation and answers to Spectre involves no more Javascript execution in the user space, not executing any new (untrusted) software. Re-evaluate how you and your users (consumers) use their devices. If you are an IT Tech you will have to educate your clients, explain to them that all CPU’s are vulnerable to Spectre. Explain that there is nothing that they can do except change the way they work. Even in closed software environments anyone can be attacked and exploited. Sure, closed environments with advanced scanners can mitigate against Spectre, but after the first few celeb hacks in such closed environments, any brand can suffer pain. Best is to educate users, change habits and change the way users work.
The only solution and mitigation against Spectre is to change habits, stop the execution of programs from websites, to use more text based email programs (not automatically open attachments)
Replacing cpu’s and all the devices on planet earth will take decades and is not an option, although the 1% will probably all have brand new devices within weeks… The 99% however will be stuck with broken hardware for a decade or more.
