TEEs are used in practice for mainly two things in current smartphones: DRM and hardware key storage.
DRM lets users watch Netflix on their phones while on an airplane.
Hardware key storage significantly decreases the attack surface for malware trying to extract them, compared to storing them on the application processor.
How is the average user being fucked here, exactly?
That is definitely true. In a way, the user of DRM is the content provider, not the owner of the playback device.
But this is exactly the idea of trusted computing:
"Prove to me that I can trust your hardware to run my software according to my specifications, and I will use it to compute things (for our mutual benefit) that I would otherwise only compute on my own hardware."
DRM is the canonical example, but wouldn't it be nice to be able to actually know that a cloud service provider has to adhere to their terms of service, rather than having to take their word for it?
(The big "if" here is that the terms of service are expressible and enforceable in the context of some piece of software.)
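The "prove to me that I can trust your hardware" exchange above, written out as a simulated remote attestation in Go. This is an added example, not code from the thread or from any TEE vendor: the attestation key (ed25519 here) stands in for the per-device key a vendor provisions, the SHA-256 of the software stands in for the measurement a boot ROM or secure monitor takes, and the verifier's allowlist stands in for the content provider's or cloud customer's list of builds it is willing to hand secrets to. Real SGX, TrustZone and TPM attestation add a vendor certificate chain and richer claims, but the three checks the verifier makes (trusted key, fresh nonce, known measurement) are the whole idea.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Quote is what the TEE hands back to a challenger: the challenger's nonce,
// a hash of the software the TEE measured, and a signature over both made
// with the attestation key that lives in hardware and never leaves it.
type Quote struct {
	Nonce       []byte
	Measurement [32]byte
	Signature   []byte
}

// Device is the simulated hardware side. Assumption: the attestation key was
// provisioned by the vendor and the measurement is taken before the software
// runs, as a boot ROM or secure monitor would do it.
type Device struct {
	attestKey ed25519.PrivateKey
	software  []byte
}

func NewDevice(key ed25519.PrivateKey, software []byte) *Device {
	return &Device{attestKey: key, software: software}
}

// NewAttestationKey stands in for vendor key provisioning (assumption).
func NewAttestationKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Measure is the hash the verifier compares against its allowlist.
func Measure(software []byte) [32]byte { return sha256.Sum256(software) }

// signedBytes is the exact byte string the signature covers; the nonce is
// length-prefixed so the nonce/measurement boundary cannot be shifted.
func signedBytes(nonce []byte, m [32]byte) []byte {
	var b bytes.Buffer
	binary.Write(&b, binary.BigEndian, uint32(len(nonce)))
	b.Write(nonce)
	b.Write(m[:])
	return b.Bytes()
}

// Attest answers a challenge. Signing the nonce binds the quote to this
// session, so a quote recorded while the device ran trusted software cannot
// be replayed later by a device running something else.
func (d *Device) Attest(nonce []byte) Quote {
	m := Measure(d.software)
	return Quote{Nonce: nonce, Measurement: m, Signature: ed25519.Sign(d.attestKey, signedBytes(nonce, m))}
}

// Verifier is the relying party: the content provider, or a cloud customer
// who wants to know which code is handling their data.
type Verifier struct {
	root    ed25519.PublicKey // attestation public key it already trusts
	allowed map[[32]byte]bool // measurements of software it will talk to
}

func NewVerifier(root ed25519.PublicKey, trusted ...[]byte) *Verifier {
	v := &Verifier{root: root, allowed: map[[32]byte]bool{}}
	for _, s := range trusted {
		v.allowed[Measure(s)] = true
	}
	return v
}

// NewNonce must be fresh per challenge; reuse is what makes replay possible.
func NewNonce() []byte {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

// Verify accepts a quote only if it is signed by the trusted key, answers this
// challenge's nonce, and reports software on the allowlist. Drop any one of
// the three checks and the guarantee is gone.
func (v *Verifier) Verify(nonce []byte, q Quote) error {
	if !ed25519.Verify(v.root, signedBytes(q.Nonce, q.Measurement), q.Signature) {
		return errors.New("bad signature: quote not produced by trusted hardware")
	}
	if !bytes.Equal(nonce, q.Nonce) {
		return errors.New("nonce mismatch: stale or replayed quote")
	}
	if !v.allowed[q.Measurement] {
		return errors.New("measurement not on allowlist: unknown or modified software")
	}
	return nil
}

func main() {
	pub, priv := NewAttestationKey()
	trusted := []byte("approved player build") // constructed sample, not a real build
	v := NewVerifier(pub, trusted)
	nonce := NewNonce()
	fmt.Println("genuine device:", v.Verify(nonce, NewDevice(priv, trusted).Attest(nonce)))
	fmt.Println("modified software:", v.Verify(nonce, NewDevice(priv, []byte("modified build")).Attest(nonce)))
}
```

The relying party would release its secret (a content key, a disk-encryption key, a customer's data) only after Verify returns nil; that release step is the "I will use it to compute things" half of the bargain and is left out here.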
> "Prove to me that I can trust your hardware to run my software according to my specifications, and I will use it to compute things (for our mutual benefit) that I would otherwise only compute on my own hardware."
As a user - why should I trust your software with my computer?
There is a great imbalance of power; the companies aren't necessarily the good guys. It already got unfair with DRM, which together with the DMCA is effectively blocking fair use, like the ability to make one's own backup copy of a purchased medium, or purchasing it once and being able to play the content on multiple devices.
It also prevents one from being able to sell their copy to someone else, which is also allowed by law.
So what you're saying is that without TEE, Netflix would shut down? Come on. Netflix would clearly keep operating with or without DRM; all TEE does is make it harder for the user to access their legitimate (non-Netflix) content in anything but the most approved way. It entrenches mainstream operating systems and makes it harder to use FOSS. Sure, I'll concede that Netflix is not the most damaging to user freedom, but that's not what OP is about. Nobody would give a shit about this vulnerability if it was just Netflix, because Netflix is broken against hardcore attackers anyways. TEE proponents want to expand its use to more user-hostile applications. That's my concern.
Hardware encryption is arguably a better use of TEE, but as far as I know, no actual implementations use SGX for that purpose. The TPM is used, but it's not fast enough for actual encryption. The OS loads the keys from the TPM and does the encryption in regular software.