[dlmetcalf]

It's not just Intel you're trusting, it's the OEMs, who also have an EXTREMELY poor record. Just take a look at the ENORMOUS number up BMC and auto-update vulnerabilities. They really just either couldn't care less, or are deliberately making machines vulnerable. Things are being pushed into IME, that aren't optional, often aren't wanted by users (or snuck in there so they wouldn't know), don't all have to be there, can't be verifiably disabled or overriden by end users. Even if it weren't backdoored (unlikely), it presents an ENORMOUS attack surface at the very worst possible privilege level. Open source designs that are at least inspectable by researchers would be a start. But more importantly - allowing users to CHOOSE whether they want to override software (it IS after all software and not hardware). Why shouldn't we be permitted to run Libreboot etc on modern hardware and know that when we turn a machine off, that it's off, without unplugging network, power cables, batteries, etc?