Google could totally have hardware-level backdoor to bypass, similarly to Intel ME.
Why does GrapheneOS run only on Google Pixel phones? Super suss if you ask me.
Because Google was founded as a DARPA/CIA operation, and Google is all about spying, control and censorship (google jigsaw). I am HIGHLY suspicious that GrapheneOS would only support Google phones. This maybe made a bit of sense initially if the Google phones had certain new security hardware features that other phones didn't have, and fully documented specs, but at this point that excuse is getting ridiculous. I suspect there is some hardware "watcher" in those things, low enough that you'll never detect or disable it, and they see everything though it. Huawei phones probably have a similar "watcher" that reports back to China.
I think we need another fork of AOSP, geared to run on different hardware from a neutral country: https://en.wikipedia.org/wiki/List_of_mobile_phone_brands_by_country
Discussion
I don't have direct evidence or proof, but I think Intel ME is one out of a dozen different backdoors. For example, I think RDRAND is compromised (thank god Linux devs rejected relying on it alone).
Same with Qualcomm chips 😔
There is a reason I was deep into RISC-V just before I got deep into nostr
Which RISC-V processors/boards do you find trustworthy?
Wouldn't gov agencies go to great lengths to try to inject hardware backdoors especially in open-source hardware projects out of fear of people actually getting almost secure devices?
The easiest place for a backdoor to be injected is at the chip fab, after a chip is designed and taped out, before it is written to silicon. Several of these have been detected via electron scanning microscopes, so it does happen. But IMHO it probably doesn't happen to most chips. In commercial processors it can happen at the design level.
People can't produce fast hardware via open-source projects. But they can burn a circuit into an FPGA and be pretty sure there are no backdoors, but they end up with something really slow.
My thinking was "the most likely commercially available fast processors to not be backdoored would be new ones in new areas of technology".
Just because I think Intel and AMD chips have backdoors (sandsifter found hidden RISC instructions that bypass security, RDRAND acted strangely, Intel ME is pretty well known, etc) doesn't mean that the intelligence community is successfully backdooring even the early research projects. I suspect they aren't, but of course I don't know. Hitting the big commercial projects is a big win for them, but hitting every little research project is a huge cost with very little benefit.
> My thinking was "the most likely commercially available fast processors to not be backdoored would be new ones in new areas of technology".
May be right.
There really ought to be a RISC-V based module for the MNTReform.
Although they claim that this one is "Fully open hardware design", which would imply it could be audited by third party:
Just came across basically what you described with the FPGA:
https://www.contrib.andrew.cmu.edu/~somlo/BTCP/
> My goal is to build a Free/OpenSource computer from the ground up, so I may completely trust that the entire hardware+software system's behavior is 100% attributable to its fully available HDL (Hardware Description Language) and Software sources.