By using a chip as your CPU you are, of course, trusting that its manufacturer hasn't included a hardware backdoor. Why shouldn't you trust software from that same manufacturer to run at the highest privilege level on the same device?
A hardware backdoor or bugdoor can be publicly demonstrated to exist once discovered, and is "perfectly undiscoverable" only if it is never used. Immutable proof of crime or incompetence is in the hands of every customer. Discovery would be catastrophic for the manufacturer, both reputationally and financially[^1]. I can easily trust that my hardware manufacturers are existentially terrified of this outcome, even in the face of government pressure. Properly-designed *software* bugdoors, on the other hand, are practically risk-free (especially when designed in coordination with hardware) and cost little to remediate.
A hardware backdoor or bugdoor can be publicly demonstrated to exist once discovered, and is "perfectly undiscoverable" only if it is never used. Immutable proof of crime or incompetence is in the hands of every customer. Discovery would be catastrophic for the manufacturer, both reputationally and financially. I can easily trust that my hardware manufacturers are existentially terrified of this outcome, even in the face of government pressure. Properly-designed *software* bugdoors, on the other hand, are practically risk-free (especially when designed in coordination with hardware) and cost little to remediate.
Trust, but deblobbify.
[^1]: the fact that at least one form of the [Spectre vulnerability](https://en.m.wikipedia.org/wiki/Spectre_(security_vulnerability)) affected every
Adam Joseph
2 years ago