What really gets me is from a technical and programming direction (I learnt 5 programming languages in my early IT education), I can't seem to figure out why any fix would slow down all the processes by 30% unless something was running and doing something in the background constantly, and then what could that be?
The problem is it is a hardware "microcoding" issue, down to the local CPU area on the motherboard. What they are doing right now is a "soft" fix on a "hard" problem, which is only temporary once hackers figure out how to break the "soft" fix.
You have to rely on firewalls on your network to cut off "parasitic hacker" connections (this is what all the cloud platforms are doing - only problem is all it takes is one lousy customer with a stupid password to break in).
Basically, the hard-coded "branch prediction"/"speculative execution" schemes (due to the necessity of prediction schemes requiring "free flowing" information) are open doors for hacking since any communication requires a two-way street - all you need to do is hook up a "speaker" to one line and you can get any information.
Keep in mind all data (especially your hard drive, and your USB drives) has to go through the CPU to interpret the microcodes and execute them.
Let me give you a simple example.
Assume you and your neighbor have two lines hanging between your houses, as you have agreed to freely exchange food and other stuff. To protect your privacy, you enclose the tubes with black latex cover.
(Yes, painfully obvious what the problem is, but it is basically the CPU design)
Now imagine you and your neighbor are now passing so much stuff that you need to figure out ahead of time how much to buy at the store. So what you do is you cut a hole to look at the flow of stuff, and given certain combinations, you predict what is needed.
Ex. if the request was "flour, egg, sugar" then you may predict next items will be "vanilla, chocolate, yeast, milk".
This is essentially what the branch prediction and speculative execution hard-wired circuits do in a nutshell.
What the researchers basically did was find a way to bypass the entire application stack and sneak a peek into that "hole" in the CPU to extract microcode flowing through the pipe (as in the example above, peek into that window). Apparently they were able to do so rather easily.
This practically affects all modern microprocessor designs, with the exception of certain ARM architectures simply because they are "hard driven, dumb" processors (i.e., gimme an instruction, I execute it, next). Basically just speed driven. No complicated future-prediction schemes.
Since this is hard-coded, it is very hard to cover it up without slowing it down dramatically.
Simply put, let's take our example above.
Now you have that window that you have been using, imagine if you find out someone's been stealing stuff.
Now you cover up that window. You are blind, so basically you go back to the origins where you just react when stuff arrives, except you are handicapped because all your previous experience and routines are based on being able to predict what is needed.
Same applies here. Depending on what you are trying to do (intensive computations will see dramatic slowdowns, etc.), you could see 0% difference, or you could see 30%+. The problem is this -
the entire computer architecture from DRAM to HD to the ICs near the CPU is configured to take advantage of the speculative and branch prediction methods. Basically the CPU uses internal and outside memory banks to "create instruction/execution blackboards" so they can pull them quickly once they are almost sure what the next instruction is. So, the only SW/BIOS workaround is to completely block these schemes.
Well, when you have an entire electronics industry built around this entire "instruction prediction" architecture, that means any SW workaround will slow the entire thing down significantly, not unlike covering up the window in the simplistic example. Now every block on your motherboard in your computer has to wait for the previous block to "execute" its instruction completely before proceeding.
So, the only reasonable solution is to... buy new computers. The problem with this is, it takes at least 5 years to build an entirely new CPU architecture, build it, test it, mass-produce it, and build the supporting infrastructure for it (ICs, DRAMs, encoders, comm chips, LCD drivers, HD readers, etc.).
So, the SW is just a patch. The problem now is it will take time to completely secure it.
Oh, and it does not matter even if you have VPN or Linux, 256-512k encryption. As long as anyone can see your data-stream, any encryption can be broken with today's ML/AI algorithms and the high-speed processors.
Now you can see what a big headache the entire semiconductor industry has, as they have no good answers.
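An added example, not part of the thread above: a toy pipeline model of the "cover up the window" analogy, comparing a core with a 2-bit branch predictor against one that stalls on every branch. The penalty, branch spacing and loop trip count are assumed values chosen for illustration, not measurements of any real CPU or patch.

```c
#include <stdio.h>

/* Toy model: all constants are assumptions for illustration only. */
#define PENALTY 15   /* cycles lost on a mispredicted or unpredicted branch */

/* Cycles to run n instructions where every `period`-th one is a loop branch
 * that is taken trip-1 times and then not taken once.
 * predict=1: 2-bit saturating counter predictor.
 * predict=0: no speculation, every branch waits PENALTY cycles. */
long run_cycles(long n, int period, int trip, int predict)
{
    long cycles = 0, branches = 0;
    int counter = 2;                 /* range 0..3, >=2 means "predict taken" */
    for (long i = 1; i <= n; i++) {
        cycles++;                    /* one cycle per instruction with a full pipe */
        if (i % period != 0) continue;
        int taken = (branches++ % trip) != trip - 1;
        if (!predict) { cycles += PENALTY; continue; }
        if ((counter >= 2) != taken) cycles += PENALTY;   /* misprediction */
        if (taken && counter < 3) counter++;
        if (!taken && counter > 0) counter--;
    }
    return cycles;
}

/* Extra cycles, in percent, of the non-speculating core over the predicting one. */
long slowdown_pct(long n, int period, int trip)
{
    long with = run_cycles(n, period, trip, 1);
    long without = run_cycles(n, period, trip, 0);
    return (without - with) * 100 / with;
}

int main(void)
{
    /* Branch-heavy code versus long straight-line code, same instruction count. */
    printf("branch every 5 instrs:    +%ld%%\n", slowdown_pct(100000, 5, 10));
    printf("branch every 1000 instrs: +%ld%%\n", slowdown_pct(100000, 1000, 10));
    return 0;
}
```

In this model the cost of giving up prediction depends almost entirely on how often the workload branches, which is why the same change can be nearly free for one program and very expensive for another.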