I’ve recently read about Chinese supply chain attack practices and find the topic quite worrying.
The article has been mentioned on other threads but I have not seen any replies regarding this topic from Purism team. Hence the dedicated topic…
I’d like to know what Purism thinks about the topic and if they are doing (or planning to do) something to mitigate such risks. (design validation on random samples which were produced in china etc.)
After all, although I admire what Purism is doing, I still think that if the final product deviates from the original design, it defeats the “purpose” of designing hardware with privacy in mind.
Then again, a “supply chain bugged” Librem laptop would still be more privacy respecting than a standard laptop (which would also be “bugged” and ME enabled) with a non-free operating system running on it. Therefore the topic did not let me stop ordering a Librem 15. I just hope that the laptop is as “pure” as it is designed to be.