Debian Linux on an ordinary laptop - what could go wrong?

Let’s say I buy an ordinary laptop, such as a Dell XPS, and install Debian Linux on it.

Assuming nobody else has physical access to the laptop after I install Debian with full disk encryption, what really could go wrong?

For now I want to disregard physical attack vectors because I’m interested in mostly internet-based or side-channel “phone home” attacks.

What are some attack vectors? What could go wrong? It seems to me Debian would have had to collude with Dell, but what do I know…

Rather Red Hat / systemd distro related than hardware related, and not sure how you would classify this, but Debian’s systemd-resolved contains the defaults from upstream compiled in, and systemd-resolved can get enabled on some installations (don’t know what triggers this), and may become the default in the future. When used, it insists on switching your DNS requests over to Google when DNS is not configured (for example while the device is brought up). The switchover is also reliably triggered as soon as your configured DNS servers get disturbed or blocked: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761658 (problem not solved, only a dismissal thread).

Note I am not sure if the “fallback” DNS server IPs are removed in the PureOS source package repository; they were hidden by upstream in some default build system configuration files.

The systemd-resolved bug tracker already lists a (closed) vulnerability issue for packets coming from configured DNS servers.
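An added example, not part of the posts above: a small audit script that reports whether the compiled-in fallback DNS list described in that reply would be in effect on a machine. It assumes Debian's usual file locations, the standard systemd drop-in ordering, and that an empty `FallbackDNS=` assignment in the `[Resolve]` section clears the list while a missing one leaves the built-in defaults active; the function names and sample addresses are constructed for illustration.

```python
import glob
import os

# Assumed locations: main file first, then *.conf drop-ins sorted by file name,
# with /etc shadowing /run shadowing /usr/lib for files of the same name.
MAIN = "/etc/systemd/resolved.conf"
DROPIN_DIRS = ["/usr/lib/systemd/resolved.conf.d",
               "/run/systemd/resolved.conf.d",
               "/etc/systemd/resolved.conf.d"]

def effective_fallback(texts):
    """Return ('builtin', []) if FallbackDNS is never assigned,
    ('disabled', []) if the list ends up empty after an assignment,
    or ('explicit', [servers]) otherwise."""
    assigned, servers = False, []
    for text in texts:
        section = None                      # section headers do not carry across files
        for raw in text.splitlines():
            line = raw.strip()
            if not line or line[0] in "#;":
                continue                    # commented-out template lines do not count
            if line.startswith("[") and line.endswith("]"):
                section = line[1:-1]
                continue
            key, sep, value = line.partition("=")
            if section != "Resolve" or not sep or key.strip() != "FallbackDNS":
                continue
            assigned = True
            if value.strip():
                servers = servers + value.split()   # non-empty assignments accumulate
            else:
                servers = []                        # empty assignment resets the list
    if not assigned:
        return ("builtin", [])
    return ("explicit", servers) if servers else ("disabled", [])

def config_texts():
    """Read the main file and the drop-ins present on this machine, in apply order."""
    dropins = {}
    for d in DROPIN_DIRS:                   # later directories shadow earlier ones
        for path in glob.glob(os.path.join(d, "*.conf")):
            dropins[os.path.basename(path)] = path
    texts = []
    for p in [MAIN] + [dropins[name] for name in sorted(dropins)]:
        if os.path.isfile(p):
            with open(p, encoding="utf-8", errors="replace") as f:
                texts.append(f.read())
    return texts

if __name__ == "__main__":
    state, servers = effective_fallback(config_texts())
    print(state, " ".join(servers))
```

A result of `builtin` means the distribution's compiled-in servers apply whenever no other DNS server is known; on a running system, `resolvectl status` lists the fallback servers actually loaded.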

There’s also the case that Dell XPS has the necessary hardware & BIOS settings to allow someone to remotely hack into your laptop, even when it’s turned off. I’m guessing certain things have to be enabled first but the tech is already there. Best to use Tails on it.