For reference, this is talking about Intel SGX (though they also funded AMD's SEV which is what Google uses internally)
Unlike the negative spin put on this by Politico, it does have actual tangible usecases in encryption and locking down your attack surface from a process based attack standpoint, as well as minimizing side channel attacks.
When you're dealing with nation state level espionage, it's a valid attack surface.
This is also the underlying research that enabled the entire Confidental Computing segment (eg. Fortanix and Hashicorp Vault)
Edit:
What is confidential computing?
Basically how to process data in use without knowing the underlying data itself.
So, if I need to train a model on PII, I can encrypt that PII dataset yet still get an equally functional model.
This means requiring trusted execution on R/W+ functions, ideally via some form of a trusted VM. Sort of like eBPF's VM but even more lower stack.
And presumably not just SGX, but also the funding goes to future development in confidential computing hardware platforms as well (Intel TDX, ARM Realms, NVIDIA Confidential Computing, etc.). As you mentioned in another comment, there are lots of flavors from different vendors. Intel SGX is notoriously difficult to implement, and the newer Confidential Computing architectures like AMD SEV-SNP make different trade-offs towards ease-of-use.
Every modern smartphone user benefits from the mobile flavors of confidential computing today, protecting biometrics or mobile pay wallets with implementations like Apple's Secure Enclave or Samsung Knox (based on ARM TrustZone).
I'm part sympathetic (to a right wing slanted site's angst against how Biden's program is going), but also, those doesn't feel that out of line with the intent of the CHIPS act. It depends on what the expected outcome is, but figuring out how to rely on and have trust in the security of the chips we are making, making sure they don't have secret backdoors or hidden circuits, making sure the enclaves really are secure: that feels like it's definitely a key part of maintaining the US.
That said, $3B is a ton of money for who knows exactly what. How will this effort help and who? Ideally this would fund good efforts that everyone could use to advance the general state of computing security. But in all probability, this will get buried away in DoD projects that don't help anyone.
One shout out, while looking for more information on CHIPS, I ran across this wikipedia blurb,
> And $1.5 billion funds the USA Telecommunications Act of 2020, which aims to enhance competitiveness of software and hardware supply chains of open RAN 5G networks
That's cool! That's how we should be funding advancements!
Facebook/Meta donated a huge amount of super awesome work on their 5g EvenStar platform to OpenCompute, which seems to have incredibly solid figures-of-merit, built with hyperscaler minded cut-throat cost-effectiveness. I'd love to see these kind of blistering cutting edge state of the art works get support help & advancement!
Apologies on the Politico front. They indeed bear no resemblance to mainstream GOP stuff, have no patience for works like Don't Say Gay. I'm a little surprised to see how left accepted they are, according to https://www.allsides.com/news-source/politico-media-bias but I seem to be in the wrong here.
As for confidential computing & secure enclaves, yeah, I am somewhat aware of the field. My complaint is more that this money was stealth redirected, and it seems unlikely to me to help the broader industry. This feels like a bit of a slush fund for the area for Intel. Which like, back in ARPA days was a winning ticket: find alpha geeks, give them money, & let them cook. But those geeks were also sharing & collaborating & expanding the envelope for everyone, where-as here it feels like we're probably only helping Intel or whomever else on their own efforts.
> This feels like a bit of a slush fund for the area for Intel
So I've been in this space for a decadeish now after leaving the Hill, and trust me on this (or don't it's the internet. If sources wanted feel free to ask and I'll respond with Public resources) - Intel wasn't the only one.
AMD, Nvidia, IBM, Amazon, Microsoft, Qualcomm, ARM, etc all got a piece of the pie in the Secure Enclave space along with Intel.
It also isn't that secretive. If you've ever been on campus at UCB, Stanford, MIT, UIUC, CMU, UCLA, UMich, UT Austin, ASU, OSU, and UW, there's been a lot of federal funding sloshing from the Secure Enclave front.
The key difference is this started as a reaction to Supermicro a couple years ago.
> I'm a little surprised to see how left accepted they are
There are left leaning Dems, but most of us are Center Left. Most of CPC itself is more centrist than progressive.
If you lean DSA, we might not be the right party for you.
> My complaint is more that this money was stealth redirected, and it seems unlikely to me to help the broader industry. This feels like a bit of a slush fund for the area for Intel.
Indeed, the proper target for ire here seems to be if the $3B will be allocated under a competitive bid process that includes multiple vendors.
Really gross. Honestly, has America always been this corrupt or the last 20 years really hitting its stride?
As if the DOD doesn't have enough funds, they have to pull new taxpayers funds for this clearly wasteful program.
Some super secretive, non-collaborative, non-competitive, bureaucratic run foundry will surely be worse over the long run.
Sounds like DoD wants their own foundry but won't even reach into their existing bloated budget to do it. Shameful. Would be a bad idea even if it was from their budget but less terrible than the current situation.
Unlike the negative spin put on this by Politico, it does have actual tangible usecases in encryption and locking down your attack surface from a process based attack standpoint, as well as minimizing side channel attacks.
When you're dealing with nation state level espionage, it's a valid attack surface.
This is also the underlying research that enabled the entire Confidental Computing segment (eg. Fortanix and Hashicorp Vault)
Edit:
What is confidential computing?
Basically how to process data in use without knowing the underlying data itself.
So, if I need to train a model on PII, I can encrypt that PII dataset yet still get an equally functional model.
This means requiring trusted execution on R/W+ functions, ideally via some form of a trusted VM. Sort of like eBPF's VM but even more lower stack.