by anonym29 1160 days ago
It's not that RISC-V guarantees truly transparent firmware and microcode; as you correctly point out, it does not.

What RISC-V offers is the possibility of truly transparent firmware and microcode. This comes as a refreshing alternative to x86, which guarantees that firmware and microcode, including those of security coprocessors (e.g. Intel CSME & AMD ST, formerly ME and PSP) will not be transparent.

ARM offers the same possibility but there's like one SoC that's fully transparent.
I am not as well-versed in the specifics of ARM's TrustZone as I am with Intel CSME and AMD ST, but I understand many of the people uncomfortable with the latter two are uncomfortable with the former as well. I do not believe it comes with the same capabilities as CSME or ST (PSP), but I do know that earlier versions of PSP were implemented using an ARM TrustZone core. That said, I need to do a lot more reading and research on it before forming more substantial positions on it.
AFAIK you can build an ARM SoC without TrustZone (or without using TrustZone for anything) if you want.
ARM offers the same possibility... in exchange for a fee and a stack of NDAs. Competition and openness are how we should deal with this disease.