I think there should be a section or guide on choosing a desktop or laptop computer, the advantages and disadvantages of using desktops, and maybe some recommended desktop or laptop computers. Desktops were not designed with security in mind and it’s advised to use a phone as much as possible and only a desktop for when one needs it. If anything, I believe desktops and laptops are becoming obsolete and many people don’t need one anymore. However, I still think this should be considered since a lot of people still need to use desktops and we already have a specific Android phone recommended: the Google Pixel.
I think the best laptops to buy would be a new Windows Secured-core PC, a MacBook, or a Chromebook. I do not recommend buying ThinkPads and installing Libreboot as all the ThinkPads that support it are completely obsolete by today’s standards. Intel ME being backdoored is just a conspiracy theory.
I also think everyone should replace their devices every few years whenever they reach EOL instead of waiting as once a device stops receiving updates, it becomes increasingly insecure. Phones, desktops, and laptops are all disposable products and should be treated as such. Right to repair is just an excuse to use insecure, obsolete products and I don’t support it.
Yes, but even if you wanted to run Libreboot, it’s not possible on systems released after 2008.
Saying people should buy a new laptop every few years is bad advice.
The comment about ME is also not valid. It’s true there is no backdoor, but that isn’t the reason why you remove ME. Multiple security vulnerabilities have been found in ME, including unauthenticated remote code execution; this is why most people want ME removed, to reduce the attack surface.
Saying people should replace their laptops with mobile devices is completely unrealistic for most people who need a device for more than just watching TikTok videos.
The reason we don’t recommend hardware is because it changes regularly.
We’re also not a hardware review site.
Rule of thumb, though, would be to go with modern hardware supporting modern security features, so looking at Windows 11 certification is a good start, even if you’re a Linux user. One of the requirements for that is TPM 2.0, which is starting to be of use with things like systemd-cryptenroll and potentially systemd-measure in the future. Windows 11 hardware certification also requires that vendors provide options for enrolling custom keys.
As far as firmware goes, you get what you pay for. My 2018 XPS still gets firmware updates in 2022. If you buy super budget hardware then there is the chance that vendors will stop supporting it sooner.
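Added example, not part of the original posts: a shell check a Linux user could run on a candidate machine to see whether the kernel exposes a TPM 2.0 and whether UEFI Secure Boot is enabled, the two features named in the rule of thumb above. The optional root-prefix argument is a hypothetical parameter added here so the functions can be pointed at a constructed test tree; the sysfs and efivarfs paths are the standard Linux ones.

```shell
#!/bin/sh
# Added example: hardware security feature check for Linux.
# The optional first argument (a root prefix) is hypothetical and exists
# only so the checks can be run against a constructed directory tree.

# Prints the TPM major version ("2" for TPM 2.0) or "none".
tpm_major() {
    f="${1:-}/sys/class/tpm/tpm0/tpm_version_major"   # kernel 5.6 and later
    if [ -r "$f" ]; then
        cat "$f"
    else
        echo none
    fi
}

# Prints "on", "off" or "unknown" from the UEFI SecureBoot variable.
secure_boot() {
    v="${1:-}/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c"
    [ -r "$v" ] || { echo unknown; return 0; }
    # efivarfs layout: 4 attribute bytes, then the value (1 byte here).
    case "$(od -An -tu1 -j4 -N1 "$v" | tr -d ' ')" in
        1) echo on ;;
        0) echo off ;;
        *) echo unknown ;;
    esac
}

# Prints a two-line summary for the machine (or the given root prefix).
report() {
    echo "TPM major version: $(tpm_major "${1:-}")"
    echo "Secure Boot:       $(secure_boot "${1:-}")"
}
```

Calling `report` with no argument inspects the running system; a result of `none` or `unknown` on real hardware usually means the TPM is disabled in firmware setup or the machine booted in legacy BIOS mode.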
I also think everyone should replace their devices every few years whenever they reach EOL instead of waiting as once a device stops receiving updates, it becomes increasingly insecure. Phones, desktops, and laptops are all disposable products and should be treated as such. Right to repair is just an excuse to use insecure, obsolete products and I don’t support it.
I understand the sentiment—device security encompasses critical points-of-failure for the aim of securing the right to privacy (and, as @dngray pointed out, using modern hardware which supports modern security features is desirable)—but I disagree.
To claim that “phones, desktops, and laptops are all disposable products and should be treated as such” is woefully ignorant of the socio-economic and environmental factors that influence an obscenely large portion of the population (even in ‘developed’ nations).
I have included references to just some of the standout papers in my reading. Please consider reading them.
(Note: Dickson-Deane’s paper is actually a retrospective on a 1976 review panel).
Then just give some advice for choosing hardware like everything you said, using modern hardware with firmware updates, and maybe why ThinkPads and Libreboot aren’t recommended as they lack microcode updates like @Niek-de-Wilde said.
No. It’s not bad advice. Laptops need microcode updates and firmware updates to stay secure and after a few years laptops will reach EOL and stop receiving updates, which means it’s time to buy a new laptop. Hardening a Linux operating system like Fedora or Arch will only get you so far.
Smartphones can do a lot more than one might presume and I wouldn’t be surprised if they completely replace laptops in the future. Gaming can be done on a phone or tablet, and so can graphic design, coding, and a lot more.