The importance of compartmentalization

You know, it might actually be a good idea to name this Titanic OS (there’ll definitely be malware targeting this codenamed ‘Iceberg’)–it’ll remind people that this is not an infallible system and will prevent overconfidence. I mean, the same could be said for Yamato and Bismarck, both thought to be unsinkable, but the Titanic is more well known.

Firmware and hardware are always on my mind, but they’re both things I can’t do much about other than not buying second-hand laptops and brands I don’t trust (e.g. Lenovo) and updating BIOSes with carefully verified updates.

Out of curiosity, do practicing infosec professionals manage hardware to the extent they verify hardware and firmware? I doubt it happens in all but the largest companies.
