With that said, I wish I had more to contribute to this thread, but I am personally very pessimistic about the state of hardware security, as I said above, and I do not have high opinions of any hardware vendor, whether Purism or Lenovo or others. Those for which I have no particular concern, if only because I am not very familiar with them such as Raptor Computing Systems, I still have general concerns such as those related to the above. So, my unhelpful and unsatisfactory answer is “None”.
I would love to explain and defend which hardware vendor I can trust to secure Qubes OS and respect my privacy and freedom, but I do not have one and I doubt one exists. I am critical of thinking in terms of brand trustworthiness, as well, since brands tend to tell us nothing about the merits of the company and only the perceptions they have manufactured. Trust is something earned and very few companies have done anything to warrant any trust at all, at least when it comes to security and especially hardware security.
I do think favorably toward older Lenovo Thinkpads due to some of the qualities I appreciate in them, such as their repairability and ease of (dis)assembly and powerful computing relative to their competition; and I do admire the apparent efforts that companies like Purism make toward transparency and securing the supply chain and delivery; but I would not go so far as to say I trust those products or their vendors, especially not as brands. Would I prefer them over other options? Probably, but not necessarily for reasons related to hardware security, even though their hardware is more open and verifiable than most.
Nonetheless, I intend to be installing Qubes OS on a Thinkpad and a part of me wants a Librem 14 (but will never buy it due to cost), and I would consider Dell Latitudes as an alternative to Thinkpads. I suppose the best I can say on these matters is that there are some vendors and products I can distrust less (and mainly because I am more able to implement means of distrusting them more, like corebooting ), even though I cannot say I really trust any of them.
When it comes to hardware security, however, often what is more important is how and where you acquire a particular piece of hardware and not who produced it. For example:
- I am more willing to trust a new laptop I buy physically in-store from off a shelf than I can buying from an online vendor.
- I trust a used Thinkpad or Latitude bought second-hand from an end-consumer buyer more than I would one decommissioned from a government office or major corporation.
- I would trust a computer bought online directly from the manufacturer more than I would one bought on Amazon.
- And I can probably trust a company that provides anti-interdiction and anti-tampering services such as Purism or NitroKey more than I can trust one that does not, despite being a much likelier target for surveillance, interdiction, and tampering.
As I said before in the Lenovo trustworthiness thread, I extend “distrusting the infrastructure” to the endpoints and that includes the hardware, so I am more concerned with securing myself against the hardware on the assumption that it is untrustworthy and compromised (without any alternative) than with whether I can trust it at all. One can still want verifiable hardware security and a vendor one can trust, as I do, but the absence of that should not spell the end of one’s approach to hardware security (not that anyone is saying otherwise). So for me, I am less interested in brands and vendors, which I can trust only as far as I can throw them, and more interested in what they offer and how I can get it. Maybe that is implied in the topic question, but to me this is an important difference. Just some food for thought.
Regards,
John