[jlokier]

That issue can be dealt with using an IOMMU under host control. Those limit where the peripheral can DMA regardless of its firmware.

[isopede]

Isn't this just an instance of "trusting trust?" How do you know the IOMMU hasn't been backdoored? "Open" firmware doesn't mean open RTL. Where is the line drawn?

[Dylan16807]

Whether you want open firmware in the first place is a significantly different question from how you isolate hardware with closed firmware.

But more directly, worrying about one part having a backdoor is a lot better than worrying about twenty parts having a backdoor.

[saagarjha]

Just an example, DARTs and IOMMUs help close down that line of attack but there are still many proprietary and inscrutable blobs/peripherals/monitors that alter the behavior of modern computers which are almost impossible to avoid in general.