by brashrat 3719 days ago
An OSS project is not enough to give us any security, chips that are mostly made super cheaply in sketchy countries and that are complex enough to contain whole computers and OSes... If you are successful with your OSS stopping spying or any other mal-MITM, the spies will be further incentivized to move upstream, and then you discover that even more spies live up at the headwaters.

I'm not saying it's hopeless, I'm saying that the problem needs to be stopped at its root and systemically, with random selections and inspections, 3rd party audits, etc. That's not perfect either (as we see from banking regulation) but unless you start in a civilized country with checks and balances, there is no end in sight.

No flagship SOC in the world is immune to backdoors. Both Chinese & U.S. governments have massive spying programs with corporate participation. Good luck getting meaningful third party audits with highly complex, obfuscated, and proprietary designs that the companies will lobby against deciphering...

OSS software is not enough to ensure security, but it makes doing sketchy stuff harder. Stopping every malicious actor would be great, but stopping some and making it more expensive for the rest is worth a lot.

Designing backdoors at the hardware level could be done of course, but it is at a whole different level; for general-purpose IPCAM chips (e.g. Hi3518 series) I don't think it's worthwhile for the vendor to do that.

By the way, Huawei does do excellent chip designs with ARM cores these days, which are used in the IPCAM too. It pushes TI out by quality/price ratio.