Hello. Many of the older thinkpads were regarded as being peak for the ability to repair and easily see into them at both the hardware and software levels.

I was wondering, what PC, if any, is similar in this regard? Aside from building your own PC ofc. Any opinions are welcome. Thank you.

  • trippingonthewire@lemmy.mlOP
    link
    fedilink
    arrow-up
    6
    arrow-down
    2
    ·
    9 months ago

    I was looking for something that I’m confident doesn’t spy at the hardware level.

    I used Thinkpads as an example because after the early 2010 ones, they got those weird i7 (I believe) processors and we don’t know much of what they do but some speculate they record keystrokes and phone data home.

    What PC can you trust has good hardware in privacy? I don’t want to buy a PC and run Linux, trying my best, and the thing spies at the hardware level.

    • hperrin@lemmy.world
      link
      fedilink
      arrow-up
      12
      arrow-down
      1
      ·
      edit-2
      9 months ago

      They absolutely do not record keystrokes and phone that home. You’re talking about the Intel Management Engine, which is completely useless to almost everyone, but there’s no evidence that it spies on you. There have been security vulnerabilities found in it that could let someone else compromise your system (notably: only if you’ve provisioned Intel Standard Manageability), but there is practically zero chance that Intel is doing that or even selling that sort of capability.

    • Corroded@leminal.space
      link
      fedilink
      English
      arrow-up
      7
      ·
      9 months ago

      Well you can find a list of Libreboot compatible hardware here. I feel like your biggest issue, especially if you are relying on a prebuilt Windows PC, is all the bloatware they come with on top of Windows itself.

    • SheeEttin@programming.dev
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      9 months ago

      How confident do you need to be? I don’t think I’ve seen any convincing evidence of any firmware spying in PC components.

      Well, except the NSA’s Clipper chip, but I don’t think that really ever got implemented.

    • const_void@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      9 months ago

      Lenovo uses proprietary, closed source firmware. There’s no way to know what it’s doing.

    • TheAnonymouseJoker@lemmy.ml
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      9 months ago

      Then all you need is to network \ through an OpenWRT router. No matter how bad the ring access is for Intel ME or AMD PSP or whatever else, all of it is stopped on your network router. No amount of spying paranoia or folklore bypasses that.

      You can buy any computer in the world with this strategy/method, even something CIA or MI5 themselves manufactured.

      If you are not a top secret journalist or activist talking to some high profile entity, or someone running a leaker or drug website on darknet, you are going to be just fine with Linux on a ThinkPad, with (Medium mode) uBO/Firefox, a good systemwide HOSTS ruleset, GUFW turned on and a decent DNS provider.

      I should just add that even though I am one of the fiercest critics of USA and its entities, NSA does not get constant access to your keystrokes or other stuff. The amount of data transmission for it would be staggering and noticeable instantly, even if we assumed they hypothetically collected such text data, compressed it as TAR.GZIP and sent it. The main function of Intel ME is for enterprise management and remote control of computers by businesses.

      • BobGnarley@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        9 months ago

        So you just have to buy an openWRT router and it would stop it automatically or is this something you would have to be knowledgeable about how it looks in a system log to block it? Also, do you have to have some sort of custom modem as well or just the router being openwrt is enough?

        • TheAnonymouseJoker@lemmy.ml
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          9 months ago

          You might either need to figure out the IP addresses from logs using whois, or there might already be some kind of list, or HOSTS ruleset made by someone to block Intel’s connections. But you need no hardware/software other than that.

          My point was everyone keeps crying and moaning over Intel ME and AMD PSP minus ring capabilities every other day, and a solution as simple as this exists to defeat 3 letter spooks.