[someguydave]

Yeah but think about it - imagine government employees shift their entire focus onto "securing US networks". What would they do, exactly? Build their own open-source chip designs from scratch? Because that's pretty much step one.

[peoplewindow]

Do the same bug hunting they do now, but send all the exploits back to the vendors.

Do more work like SELinux.

There's lots they can do.

[chickenbane]

We are very far from trusted hardware. It's very easy to imagine what they would do - step one is helping American networks use the best practices - use open-source software, keep dependencies up-to-date, have bug bounties to find vulnerabilities in popular frameworks, etc.

Step two would be to consider some shared infrastructure, probably subcontracting with a cloud provider (AWS/Azure/GCP), hopefully multiple. Once we get to that step, then you can start considering things like Google's Titan (https://cloudplatform.googleblog.com/2017/08/Titan-in-depth-...). But there's a lot of low hanging fruit before we get there.