Even Google is concerned about attack vectors with UEFI and Intel’s Management Engine that their NERF project seeks to alleviate some of these concerns and is used by their servers.
NERF is short for the Non-Extensible Reduced Firmware and is their effort to replace most of the UEFI firmware with a small Linux kernel and initramfs while their custom portions of the code are written in the Go programming language.
My first Purism 15 laptop is on its way.
It takes a while because they are having trouble filing all the orders. I’m also very excited about the phone that will hopefully be released Q1 2019.
I’d like to bump this tread by saying I just imported a second Librem 15 laptop and I’m happy. It’s expensive but it’s your machine - not a spying tool the victim is tricked into paying for himself.
(@ElsieDee There is also such a thing as open source firmware.)