Everything should be parallel processed AI with a TUI.
No BIOS or any other hidden firmware.
And not a single line of C code anywhere. Ideally no code whatsoever, except for the bare minimum for the AI to function.
But we don't live in a perfect world. So...
Separate device for the browser extension login/signing should be sufficient security.
They will try to get rid of PWAs soon, so better start lobbying now.