So much FUD in this thread. I have written up a blog post explaining
Meltdown and Spectre for the average person (who has some familiarity with computer terminology).
The NSA has no interest in stealing your Bitcoins. If they are stored on your PC and the NSA wanted to steal them, believe me, they could steal them and the Meltdown and Spectre attacks have nothing to do with how they'd take them. For most people, a hardware wallet is the best way to keep your coins secure.
Hardware wallets are not vulnerable to the Meltdown/Spectre class of attacks.You got any more info on this? What CPUs are hardware wallets using?
It doesn't really matter because hardware wallets are not running applications - the hardware wallet is a "closed ecosystem".
Spectre is pretty wide reaching, even some ARM chips are affected, so I am quite curious about architecture hardware wallets use, since there are not many CPU manufactures in the world.
Try reading the summary of the linked blog post. It's crucial to keep in mind that Meltdown and Spectre are (timing)
side-channel attacks. This means there has to be something that's living "on the side", some applications or something. Since a hardware wallet is only running the wallet software (it literally can't run anything else), there is no side-channel. Really exotic side-channels like power-draw analysis still require
physical access to the wallet. If you can't keep your wallet physically secure, you have bigger problems.
Security is a holistic problem and keeping this in mind is key to shutting down all this FUD.