Developer Warns Of "Uncorrectable Freedom & Security Issues" For x86


  • 89c51
    replied
    Originally posted by stevenc
    Fortunately there are enough pre-2009 Thinkpads and BIOS-based workstation PCs on eBay to last me a few more years. And by then, I hope there might be ARM, MIPS, POWER or open-source hardware that is actually fast, works with mainline kernels, and works with a free graphics driver...
    Tell RMS to make you an open-Risc based superfast/lowpower CPU.



  • Luke
    replied
    For now the solution is to stockpile. If a police raid wiped out my stock of pre-2013 AMD hardware, I could have someone not known to the authorities order more over eBay. Ordering it myself would be more dangerous than using the current hardware, as the FBI would then have the option of intercepting hardware going to a known adversary for installation of malicious firmware or chips.

    A $3,000 POWER setup is worth more than all my assets. If I could not avoid the newer machines, I would have to split them up: video editing and storage on never-networked machines bought randomly with cash, networking done with other machines using read-only filesystems, destructible media to move files between them. Malicious firmware cannot exfiltrate your disk key over a network if there is no network, and exfil by flash drives to another networked machine is complex enough that mass-produced firmware probably would leave it out.

    This is important because the NSA had decided to open their database to law enforcement, meaning ALL disfavored activity now has the NSA and not just Secret Service or the FBI as the adversary so far as securing encrypted media and messages is concerned.

    Thanks for what amounts to a warning never to use recent x86 boards for any machine that is both encrypted/has read-write storage of sensitive data and networked. An insecure x86 laptop with TAILS plus an airgapped video editor would be tough to defeat even with malicious firmware unless retail machines sold off the shelf to all buyers had a keylogger writing to disk turned on all the time. That would almost guarantee detection by users of forensic file recovery software.

    For now I will keep my old BIOS boards and AMD can keep their replacement for Bulldozer and Phenom until someone cracks their firmware and releases the keys.



  • stevenc
    replied
    Fortunately there are enough pre-2009 Thinkpads and BIOS-based workstation PCs on eBay to last me a few more years. And by then, I hope there might be ARM, MIPS, POWER or open-source hardware that is actually fast, works with mainline kernels, and works with a free graphics driver...



  • nanonyme
    replied
    Originally posted by carewolf
    We already have secure boot keys. Microsoft gave some to a few Linux distros, and they can be used to chainload anything else.

    Btw, I thought IME could be disabled in almost all BIOSes, and was in fact not enabled by default.
    SB must be enabled on machines sold with Win8+ by default.



  • carewolf
    replied
    Originally posted by tuuker
    1: infiltrate Intel labs and take blueprints for x86 and produce CPUs in a country where patents do not apply 2: someone should steal this Microsoft or any other company secure boot key generator or full source code for these blobs.

    Freedom must be gained back with any means, enough of this locking everything.
    We already have secure boot keys. Microsoft gave some to a few Linux distros, and they can be used to chainload anything else.

    Btw, I thought IME could be disabled in almost all BIOSes, and was in fact not enabled by default.



  • duby229
    replied
    Originally posted by Goddard
    So we can reverse engineer these blobs?
    I don't think so, the code actually runs on an embedded processor before the OS runs. Even if a driver could be developed for the embedded processor you can't bypass the binary code that runs before the OS boots.
    Last edited by duby229; 05 April 2016, 10:57 AM.



  • Goddard
    replied
    So we can reverse engineer these blobs?



  • darkbasic
    replied
    How do you expect to sell a GPU for a not-yet-ready workstation if nobody produces it anymore?



  • karolherbst
    replied
    Originally posted by darkbasic
    While there are x86 alternatives for a workstation (IBM's POWER), there are still no alternatives in the GPU market: every single modern GPU commercially available requires binary blobs.
    Ahh, well, every NVIDIA GPU except the second Maxwell (and most likely newer) generation has no proprietary binary code (except for video acceleration).



  • darkbasic
    replied
    Originally posted by karolherbst


    What are you talking about?
    While there are x86 alternatives for a workstation (IBM's POWER), there are still no alternatives in the GPU market: every single modern GPU commercially available requires binary blobs.
