[dredmorbius]

My understanding is that Sceptre/Meltdown mitigations significantly slow processors due to reduced speculative execution, and perhaps more integrity tests against attacks.

That's something that's near-universal across AMD64 / Intel architectures, regardless of OS.

https://www.howtogeek.com/339559/how-to-stop-the-meltdown-an...

One view is to blame the mitigations.

Another is to recognise that the previous performance was itself a mirage, created by ignoring the risks presented by speculative execution (which had been long voiced, and long ignored by major CPU vendors).

[paulryanrogers]

Is it possible to disable these mitigations on Mac?

[dredmorbius]

It would be exceedingly unwise to do so.

[paulryanrogers]

Even on a single user system which doesn't run untrusted software?

[arepublicadoceu]

> Even on a single user system which doesn't run untrusted software?

If you use the web you run untrusted code all the time, unless you block js and never turn it on.

Unless you verify each code, on each software you run and build it yourself or have reproducible builds, then you run untrusted software.

I would only be comfortable disabling these mitigations if the computer were air-gaped and never touched the internet.

So yeah, it' unwise to disable these mitigations, but, in the end, it's your call.

[Tagbert]

does JavaScript really have the level of access to abuse these kinds of vulnerabilities?

[dredmorbius]

In the unlikely event that you're absolutely confident that's true, you should also be competent enough to find the answer on your own.

If the device is network-connected at all, or is exposed to any external devices or storage (drives, USB or other devices), it is running untrusted software.

[bzzzt]

As long as you keep Javascript disabled in your browser...