by gruez
1924 days ago
> NB: you don't even have to replace the TPM/Processor/... with an identical, tampered component. You just need something that behaves the same as far as I can see. It could be some huge-ass FPGA board programmed to emulate shit and I wouldn't be able to tell as long as they got the emulation right.

Getting the emulation right is nontrivial because you also need to extract the hardware key that's on the processor, otherwise remote attestation won't work. Also, there are plenty of use cases for confidential computing that don't involve hiding from the NSA. For instance, if you simply don't want amazon (or their workers/contractors) to see your data.