Call me a cynic, but it wouldn't surprise me if the NSA intercepted those in their hardware interception program[1] and installed spyware on them whenever they are delivered to an address outside the US.
That's why the OS should check to make sure the ME is still disabled and not boot otherwise, or signature check it somehow, create a hardware indicator, etc. But then there's still the hard drive firmware and who knows what else.
Still, this is upping the bar quite a bit if you're security conscious. In security all you can do is make the attackers' lives harder; you can't foolproof it.
Plus they mentioned two different open source tools to disable it yourself (via software, not hardware as they do here). So you can buy a laptop with cash off Craigslist and do it yourself if you're super paranoid.
"But then there's still the hard drive firmware and who knows what else."
Graphics card blobs, Wi-Fi card blobs, etc. Just about every vital subsystem on a modern PC/phone/tablet etc. has been compromised by design through closed device drivers, so that someone with enough skills and access to that information (such as some three-letter agencies) can create a sort of covert channel where data can be computed, read or stored and transmitted without any means of intercepting it by any application, because every part it's going to pass through contains some closed code that can be instructed to encrypt and tunnel the data from one place to another.
This came to mind years ago when I was struggling with a network card requiring a firmware blob that refused to load. I started wondering why they were making things so complicated for users and admins by keeping drivers closed; that blob could have contained just about every possible malware in existence and I would never have noticed it. Then I had a flash: disk drives also contain closed firmware, and video cards too. I recall having thought "heh, if they had a blob in the CPU as well they could close the circle and build a system where they can move information inside the machine or receive/transmit it from/to the external world completely unbeknownst to the user." Then years later I read about Intel ME and got a thousand flashes because I almost saw that coming.
To me there is no such thing as a trustworthy system anywhere in the world, at least not until every single line of its software, firmware and hardware has been opened for public scrutiny. There is too much at stake, and surveillance is a damn rich business both for companies and people in power.
I think you may be interested in the development of a stateless laptop [1] by Joanna Rutkowska. They are trying to prevent any data storage outside of the user's knowledge and control.
My exact worry. All of this sounds pretty good but for a person like myself, living in Eastern Europe, ordering such a laptop means the physical shipment can go through 20+ places where an agent could intercept it, get to a back room, modify the hardware and/or the software for no longer than 1-2 hours, put it back in the box and you'll be none the wiser.
I am just not sure how I can trust anybody at this point. I am even wondering if the Librem products aren't a honeypot for privacy-conscious individuals.
A good strategist understands the needs of their opponents and can imitate an organization that serves them. How much do we know about Librem really?
That line of thinking doesn't go anywhere though. And ever since the ancient ages, we haven't invented tamper-proof packaging and shipping.
Still, we have one thing going for us. The agencies are usually slow to adapt. So it's probably a safe bet that the first several thousand of those laptops will be secure for real.
(EDIT: With 16GB of RAM being the maximum, none of the three laptops is a good enough fit for me yet.)
It’s not likely that the NSA would do that to every laptop a vendor ships outside the US, because it would increase the risk of their tools being compromised for no benefit. Hardware intercept would only be used if someone they were already interested in happened to order a laptop from the United States, and the risk/reward ratio supported bugging the laptop.
The NSA has already had a whole cache of tools get out in the open, and they wouldn’t want that to happen again. The thing about so-called cyber weapons is that they get weaker every time you use them...
Note that they do let you swing by the factory in South San Francisco and pick up your machine, if you like.
They also offer some kind of tamper resistant packaging, but at this point we’re entering a hall of mirrors of paranoia. If you have some clever system to resist interdiction, if it’s cheap and effective, I’m sure they’d consider it.
[1] https://www.extremetech.com/computing/173721-the-nsa-regular...