I’ve started to hear questions about encrypting memory. For decades the industry has used a model where root was god of a machine and could access anything. That has been changing – we now operate in environments where root isn’t the owner of the data or even the device. Confidential computing addresses this allowing software to push security controls to hardware, such as Mark Russinovich demoed at Ignite this year. Device owners can only access plaintext memory if the software allows it.
There are of course attacks against SGX. I’m confident the industry will either find ways to fix them or mitigate these attacks.
I’m glad to see Microsoft involved in confidential computing.
Protecting data on public clouds and edges with confidential computing | VentureBeat
— Read on venturebeat.com/2019/12/31/protecting-public-cloud-and-edge-data-with-confidential-computing/amp/