I'd recommend anyone interested in Confidential Computing to read the work from Rodrigo Branco (@BSDaemon) to understand why it's mostly a failure and a PR stunt from cloud providers to give the illusion that the customer stays in control, while at the same time the hardware capabilities CC is built upon are unsecure (and can't be fixed by firmware or microcode update, most of the time).

For example, a direct link to his keynote slides from ESA 3S conference last year (PDF): https://indico.esa.int/event/528/attachments/5988/10212/Keyn...

▲

mnahkies 5 days ago | parent [-]

The slides were an interesting read, I'd enjoy seeing the talk if it was recorded.

They finish mentioning in "2023" though, we're in the back half of 2025 now - has anything changed significantly in the past couple of years? (I genuinely don't know)

	▲	JambalayaJimbo a day ago \| parent \| next [-]
		I work in the space as a developer of an SGX based application. In the last few years, VM solutions have become much more popular, and our cloud provider has been pushing us to transition to AMD SEV-SNP. We haven't transitioned yet, so I cannot speak to them in great detail, but they certainly appear to greatly simplify app development.
	▲	wahern 4 days ago \| parent \| prev [-]
		Nope. Newer hardware, newer exploits.