
This is only for DRM, right?

Very few people are getting viruses because someone has come into their house, connected the DRAM bus on their PC to a logic analyzer, and injected malicious code directly into memory. Instead, the malicious code is coming in through trusted code the user is running (web browser, faulty samba server), which encrypted memory does nothing to protect against.

I believe ARM has had this in the form of TrustZone for a while.




Almost any feature you build to protect a system from a compromised kernel is, in effect, DRM. DRM and system protection are two sides of the same coin.

Nothing magical happens when your machine gets owned up by malware or exploits. The machine naturally does the bidding of the user, not the owner. When you get compromised, the user changes. Want to defend an ostensibly single-user system from an unexpected and unwanted new user? Congratulations: you're building DRM.


So I do see a number of advantages:

1) transforms all RAM into ECC RAM

2) consumers may not care, but large server cpu customers certainly will see it as a bonus, some will see it as required. Of course, this won't protect against the NSA.

(server cpu customers are the biggest market for intel [1], and also it's the market that's not declining at an alarming rate)

[1] http://www.technologyreview.com/sites/default/files/images/m... (if you know a more recent one, do let me know)


> 1) transforms all RAM into ECC RAM

Not quite; it doesn't correct errors, just detects them.
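An added illustration of the distinction drawn in that reply (my own constructed example, not code from the thread or from Intel): a toy SECDED Hamming code, the kind of scheme behind ECC RAM, corrects a single flipped bit, while a keyed integrity tag over a memory block, the kind of check an encrypted-memory scheme adds, can only report that the block was altered. The Hamming(12,8) layout and the 8-byte truncated HMAC are constructed choices for the demo.

```python
import hashlib
import hmac
import os

# Toy Hamming(12,8) + overall-parity SECDED code: bits 1..12 carry the code word,
# bit 0 is the overall parity. Constructed layout, not a real DIMM's.
DATA_POS = [3, 5, 6, 7, 9, 10, 11, 12]
PARITY_POS = [1, 2, 4, 8]

def _group_parity(word: int, p: int) -> int:
    """Parity of all code-word positions whose index has bit p set."""
    return sum((word >> pos) & 1 for pos in range(1, 13) if pos & p) & 1

def secded_encode(byte: int) -> int:
    word = 0
    for i, pos in enumerate(DATA_POS):
        word |= ((byte >> i) & 1) << pos
    for p in PARITY_POS:
        word |= _group_parity(word, p) << p
    return word | (bin(word).count("1") & 1)          # overall parity in bit 0

def secded_decode(word: int):
    """Return (byte, status); status is 'ok', 'corrected' or 'uncorrectable'."""
    syndrome = sum(p for p in PARITY_POS if _group_parity(word, p))
    overall_bad = bin(word).count("1") & 1             # total parity must be even
    if overall_bad:                                    # odd flips: assume one, fix it
        word ^= 1 << syndrome                          # syndrome 0 -> parity bit itself
        status = "corrected"
    elif syndrome:                                     # even flips: detected only
        return None, "uncorrectable"
    else:
        status = "ok"
    byte = sum(((word >> pos) & 1) << i for i, pos in enumerate(DATA_POS))
    return byte, status

# Keyed integrity tag over a memory block: detects any change, recovers nothing.
KEY = os.urandom(16)   # constructed per-run key, standing in for a per-boot hardware key
TAG_LEN = 8

def protect(data: bytes) -> bytes:
    return data + hmac.new(KEY, data, hashlib.sha256).digest()[:TAG_LEN]

def verify(blob: bytes):
    """Return (data, 'ok') or (None, 'tampered')."""
    data, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(KEY, data, hashlib.sha256).digest()[:TAG_LEN]
    return (data, "ok") if hmac.compare_digest(tag, expected) else (None, "tampered")

def flip_bit(word: int, pos: int) -> int:
    return word ^ (1 << pos)
```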


I guess it might help with security of certain things like full disk encryption. I think there are already devices used by law enforcement or hackers that can steal disk encryption keys or information just by plugging them into any port with DMA access like firewire or express card. I would assume this could prevent that.


Devices? It's a Github repo: https://github.com/carmaa/inception


TrustZone (by itself) doesn't have the attestation or memory encryption features of SGX. On the other hand, I believe TrustZone can reach outside itself. TrustZone is more comparable to Intel's SMM.


> This is only for DRM, right?

I, for one, intend to put my private keys in there. The ecosystem isn't ready yet, though.



