Re: "neither Meltdown or Spectre is much of a threat to a home user"
"Also both Meltdown and Spectre are information disclosure bugs - on a reasonably set up home system there is not much sensitive data that can be extracted. (No banking credentials are stored on my PC - not even my PayPal login.)"
The information is stored in the ram. Has nothing to do with files.
If you type in any password or other sensitive data and dont turn your PC off and on again then that data is what meltdown and spectre have access to.
When you browse to a site that uses HTTPS, that sites secret keys that it set up just for your connection can be sniffed out by these attacks. Once the keys are known, your connection is basically unencrypted to anything that is watching and talking to home base, whether it is in a browser tab or malware that was installed on your pc by your kid sticking in a USB flash drive they found on the floor at school. They will see your credit card number as it travels over the internet, in plain sight.
Biting the hand that feeds IT
