Confer keeps encrypted data private with a user-held key

Confer, created by Moxie Marlinspike, encrypts messages with a private key that stays with the user and uses a Trust Execution Environment plus remote attestation to limit server access and reported use for AI training.

Confer is a system developed by Moxie Marlinspike that aims to keep chat data encrypted so only the user holding the private key can decrypt it. The project combines WebAuthn passkeys with server-side processing inside a Trust Execution Environment (TEE). It also includes remote attestation and digitally signed releases recorded in a transparency log for verification. Coverage frames these features as measures to reduce server access to plaintext and to avoid using user data for AI model training. Key facts: - Confer keeps the private key with the user so data is encrypted at the point of departure and, according to reporting, cannot be read by the server. - The system uses the WebAuthn passkey system for encryption and runs inference processing inside a Trust Execution Environment on servers. - Remote attestation is provided so observers can reproduce outputs that confirm only the published proxy and image software are running; releases are digitally signed and logged in a transparency record. - Native support is reported for recent macOS, iOS, and Android releases; Windows requires a third-party authenticator. The developer is Moxie Marlinspike, who also created Signal. Summary: Confer is presented as a combination of user-held keys, TEE processing, and remote attestation intended to keep encrypted data from being accessible on servers or used for AI training. Undetermined at this time.