Total Memory Encryption and TXT enable

I notice in Dell Precision bios Total Memory Encryption and TXT Intel Trusted Execution Technology are available but disabled by default.

Any thoughts or a quick summary on when to enable these or when not to when running Windows 10 Pro?

Has anyone measured performance differences?

 

TME lowers memory performance slightly. Unless you got state secrets or any other confidental data on your Precision, leave it off.

 

Thanks! I have enough performance that I could sacrifice a little bit for security if it would make any difference.
(CPU upgrade will bring me about 5 years into the future so I should have a nice performance edge over previous, going from 4 cores to 8 and from 2133 to 3200 mhz RAM)
I wonder if TME or TXT make any difference for desktop software that isn't specifically engineered to take advantage of these features? Would it make any difference at all to something like chrome or firefox browser, or adobe acrobat security?

 

TME looks to be a little bit overkill for many situations. It looks like it mostly protects against physical attacks (reading memory contents directly off of the DIMMs or the memory bus between the DIMMs and the CPU), but it does support multiple keys which could allow for separate encrypted memory pools (i.e. to prevent one VM from reading memory contents of another VM if some program running on one managed to escape the "sandbox" by leveraging some other vulnerability). All apps will automatically benefit from TME, but I believe Intel TXT requires application support. (TXT has been around for quite a while, though; my 9-year-old M6700 supports it.)