Malware on firmware?

Go into the forest. Make a cabin. Destroy any technology. Hunt for your food. There is no escaping them any other way

Glow in the dark NSA contractor here, if you're actively being attacked, you can mitigate the risk of purchasing compromised devices by buying one in person, in cash, from a pawn shop. Never buy anything that isn't going straight into your hands after you've purchased it. From there, I recommend full system encryption and a quality VPN that you access via VPS. Keep your wife's hardware switch set to off, use public internet. If possible, I'd recommend pulling the antenna out entirely and jacking into the internet with an Ethernet. Make sure your Mac address is spoofed each time. Also consider using tails.

There is nothing you can do. As a consumer you cannot secure the supply chain and you cannot independenty verify hashes of various firmware like your Bios. Seperating Identities only helps if you dont run your mouth when you aren't required to help get your own conviction. The russians are working on partially open source VLIW arch for security but I doubt you can get such a machine anytime soon. Risk-V doesn't have enough computing power to replace general purpose use. Raspberry Pi, other ARM arches and maybe AMD's embedded/mobile lineup can be a replacement but doesn't truly protect you from potential side channel exploits and firmware reflashing.

>Never buy anything that isn't going straight into your hands after you've purchased it.
>implying their not compromised at the factory
oh em gee, you faggots really think we're that stupid huh?

I thought of just buying some storage, get rid of the disks, disconnect everything non essential and clean/flash all the non volatile storage, the problem is that I don't know how to deal with the GPU for example, if it's infected and I fix that it will reinfect from the OS (or who knows from where).
I had some issues trying to flash my phone because lets say I download the right ROM ok, and I see the MD5 and everything is good, when I was just about to flash or flashing that MD5 changed and the whole flashing process was a pain in the ass, same with the BIOS

I mean, it's possible that all hardware is compromised. But this guy is talking about specifically targeted attacks. He can mitigate targeted attacks with an impromptu trip to a pawn shop. He can also remove his wireless capabilities. If it can't phone home without being hardlined, he's gonna be safer.

Honestly, if I was as paranoid as this dude, I'd just use an orange pi and carry it everywhere

if it's targeted, and it's already compromised from the factory,it doesn't matter and it's gonna phone home no matter what steps you take in hopes of preventing it

>I don't know how to deal with the GPU for example, if it's infected and I fix that it will reinfect from the OS (or who knows from where)
If a closed source firmware is too much for you then you're in the market for a librebooted laptop/system. I really hope Intel/AMD attempts to open source their firmware as security concerns increase. That way we can buy a bit more modern librebooted models.

And phones themselves are a bit troublesome as cell towers NEED to keep track of them.

That's why I'm recommending a pawn shop. You can't intercept second hand electronics you purchase in person.

and you're going to believe this hasn't been the case for some time now? come the fuck on, the only hardware that isn't comp'd is stuff used specifically by DoD

>Be NSA, Put backdoors in firmware with unique keys generated based on MAC adress or manufacturer number.
>Arrest user on suspicion or Captain Picard.
>""b-but I bought it at a pawn shop""
>FBI agent just looks up secret key to use during startup of your firmware.
>FBI Firmware displays first 200 keystrokes after every restart you did.

You could say that I'm very familiar with SCrM processes used by the government. You can be a tinfoiler and continue to shoot down my advice if you want. I'm giving you the best advice I can for the best roll of not getting pwned by a wet lab. If you want the real advice for full security, don't use a computer. Don't use a phone. But if you want to use them, buy old shit from pawn shops. The older the better. Don't leave your laptop unattended. Run full encryption. Use tails.

spoofing the MAC and using software that makes you standout, ie: fingerprint blockers and other programs to stop tracking, makes you stick out like a sore thumb
also using an OS that isn't typical of a normie is also a redflag, call me a tinfoiler all you want but it's known these steps make you a person of interest

even then they can spy on you with hidden microphones and shit

Even in death, you have to take your meds, Terry Davis.

take your pills Ryan

Stop being a retard. OP is claiming that he's already been singled out for surveillance. That's the angle by which I'm approaching with my advice. If you want to avoid standing out, just don't do anything illegal

OP, if you're not trolling, just follow this guys advice. It's the best you can realistically do. We can't protect ourselves against everything, especially not theoretical backdoors that may exist in hardware/firmware of consumer products from the get go.

If you treat it all as untrustworthy, it doesn't really matter.

but what exactly constitues legality? for all we know posting something not in favor of IAs will get you on a watch list, or torrenting will get you on a watch list
the main issue is what is technically considered illegak on the internet and what isn't, the IAs like to make up the rules on their own
I understand posting something ehich threatens the safety of the public or sovreignty or doing something illegal electronically will get you targeted because those are biggies, but those aren't the only things one can do on the internet to get IAs interested in you

I'm not, and I'm really impressed by some of the replies.

I'm familiar with this argument and I am very in favor of it. But there's a balance between practicality and safety. The best you can do is keep your nose clean and avoid breaking current laws. If there comes a time where something is retroactively illegal, remember that millions of people will be in the boat with you. The government doesn't have the resources for it.

I highly recommend that you do put together a secure box though, if you're paranoid. Like I've said over and over. Pawn shop, cash, old computer, libre, no wifi, VPN, VPS, pay in crypto you tumble or buy in cash, encrypt everything, run a ghost OS.

The question is, what do you want to do with this ghost machine? Spank it to Cool Pets? Deal drugs? Hack? Other illegal shit? Just don't. If you do, don't cry when Johnny Law enforces the rules. Are you just going to surf Jow Forums and program? It doesn't matter then, just use an off the shelf machine for that. There's no point to extreme secrecy for mundane shit. PGP your communication, encrypt your drives, that'll keep almost everyone out.

I don't personally plan on doing anything illegal in the nature that you've described, I'd just prefer to keep my privacy, and maybe torrent and attain information but not perform malicious acts or participate in anything malicious
I have an older laptop I bought from a gentleman who worked for a DoD contractor which required certain measures taken in the hardware configuration in order to ensure the info contained within wasn't compromised, so does that fall into the older tech category? it's an Elitebook from 2010 running 32-bit Win 7 Pro, which I plan on replacing with a decent distro that recognizes the optical drive
I see the steps you mentioned as far as using the VPS to log into a VPN, but what VPN would you recommend? setting up OpenVPN from within the VPS? cash purchases of credit gift cards seems to be the easiest method with, albeit not the best, security
as far as wi-fi is concerned, are you speaking of public or private specifically?

How can I MAKE SURE there is no fucking malware from NSA/similar in my hardware firmware?

Single-handedly program every single chip between your chair and the power cord of every remote server you access by hand. Good luck.