But you do agree enclaves can be used for exactly this? I agree there are exciting use cases but we need to be careful because open, general purpose computing is already being attacked on several fronts.
Enclaves don't get direct IO access and have to interact with code running on the main processor. I'm okay with opaque code if it's running in a tight sandbox and its interactions to the outside world (including my filesystem) are inspectable.
Also it's important to me that regular people can benefit from secure enclaves by using them to protect their data being processed on other people's machines. The secure enclaves aren't closed only to corporations who want to make things like DRM.
Good points. The aspect I'm most worried about is that we'll see a trend towards an increasing amount of code running in enclaves and then becoming a hard requirement for common software to function.
Also it's important to me that regular people can benefit from secure enclaves by using them to protect their data being processed on other people's machines. The secure enclaves aren't closed only to corporations who want to make things like DRM.