Confidential Computing is a burgeoning field that shields running workloads from external threats by reducing the Trusted Computing Base. Public cloud vendors are spearheading the movement to enable the execution of more secure workloads. Despite the marketing hype, the challenges of Confidential Computing are significant and not completely solved. Intel TDX, AMD SEV-SNP, and Intel SGX are the main technologies used, but all have experienced issues with attestation key extraction. While bugs are being addressed, some architectural decisions may leave vulnerabilities exposed to side channel attacks. The goal is to increase the security and protection of sensitive data, but caution and skepticism are warranted given the current state of technology.
https://stiankri.substack.com/p/the-open-secret-about-confidential