[vaxman]

There is an entire WORLD that lives in your computer below the operating system (eg, OpenWRT). For example, in your Raspberry Pi 5, there is a chip called the VideoCore GPU and it contains a big blob of code known only to Raspberry Pi Foundation and, perhaps, Five Eyes. The Chinese processors are like that too!

Even if you have the source and build system to recreate the exact binary blob and can reload it with Jedec or whatever, there is another world below the firmware...called microcode. Some of the microcode comes from the FAB preloaded! Even if you can get the source code for the microcode and somehow read it out and verify it is the same, you guessed it...there is another world below that [1 https://www.researchgate.net/publication/380555600_Trustwort... ] [2 https://dl.acm.org/doi/fullHtml/10.1145/3579856.3582837 ] [3 https://ieeexplore.ieee.org/document/7546493 also https://www.semanticscholar.org/paper/A2%3A-Analog-Malicious... ]

[wao0uuno]

I get your point but once you start looking at tech this way you will come to a conclusion that nothing's safe. With RPi you at least know that millions of units have been deployed in companies where monitoring is so strict and stakes so high nothing fishy would go unnoticed. Also there is a reputation of the manufacturer and people in charge being at stake. With no name Chinese hardware you can't really expect firmware updates and if anything fishy gets discovered by someone they'll just change their brand name from King Dong to Dong Xiang and keep selling.