I also have some questions that bothered me throughout the talk.
* How do you create a turf? Who can create it? Can it be abused?
* Can you create a VMM that doesn’t have right to read/write/execute all the memory but can grant access to it? Can you decouple VMM from the rest of OS?