Heh true. I personally don't think the keyboards are quite as good as they once were but they are still years ahead of existing modern laptops (which have gotten worse still!)

If one of these statements had to be true... I would definitely have to go for the first XD

Not to mention the keyboard. Yes, I'm a diehard Linux user so compatibility is important, but the second main reason I got a ThinkPad is because of the amazing keyboard.

But what's the use of a laptop that lasts all day if the keyboard is broken by design? (referring to the previous-gen butterfly keys)

I don't agree with that.

I try to do both; I don't like being spied on or having the potential for data theft regardless of what the actual entity engaging in such activities happens to be -- whether Google or a black hat, my data is none of their business unless I explicitly allow them (or the general public) access to some piece of it.

Perhaps not, but I also know I'm allowed to patch and modify the kernel as events transpire. I am NOT permitted to do that with the ME, which means that the concession made for Linux is not valid for the ME.

Actually, yes, there is certainly legal recourse for defective POWER systems. You can sue for hardware defects, and often win, but in general that is not the case for licensed software like the ME. See the difference, and why companies tend to put a lot more Q/A into non-mutable hardware where they have a lot more potential liability?

So you advocate no proactive security measures? Are you still using the not yet deprecated (i.e. still generally accepted as useful at the moment) weaker encryption algorithms / key lengths, or have you looked at what is likely to happen in the next few years and started using stronger encryption?

A few years ago common knowledge was Facebook / Google were OKish entities, and those that said otherwise were ridiculed in a similar manner. How are they seen now in the wake of things like Cambridge Analytica? A proper security stance looks heuristically at all elements, looking to past and likely future possibilities, in addition to the total technically possible access level of a hardware or software component (which is oftentimes a good indicator of what the company is actually doing or will end up doing).

Interesting. With POWER an open ISA etc., what would you be looking for in addition?

It's reasonable to assume most malware targeting it will use its API and not assume it is in a weird undefined mode that can only be enabled by enabling an undocumented switch.

I'm not trying to hide from the Big Brother, I'm trying to avoid malware.

This is SIL-4 (safety-critical) certification lol, not even Linux that is opensource can seriously guarantee that.

You are always blindly trusting a vendor, yours is just a different line in the sand.
We are all blindly trusting Torvalds too that some kernel API or subsystem isn't actually wrong, and sometimes bugs happen and systems can be compromised.

We are all blindly trusting that the CPU actually works as documented.
The processor isn't opensource, it may very well have undocumented instructions that do whatever.
Old VIA processors had some fun stuff like "instant privilege escalation" CPU instructions for example.

Can you guarantee Power processors don't have that? No you can't. Ops, you are just blindly trusting a vendor with zero legal recourse if anything goes sideways, fuck you very much.

You have a very wrong idea of how security works. Security audits don't usually claim vulnerabilities until they have proof of it.

that I'm waiting for a true half-decent fullstack open system before committing to the limitations of a different architecture.
Power is cool but I don't feel it is worth it.

I'm on AMD, btw. More because of Intel CPU vulnerabilities than because of ME. Yes I know there is the PSP

And no vendor has ever published wrong, incomplete, or misleading public API documentation? You've seen the full, complete source code of the ME and can guarantee the API and configuration bits do exactly what they state, with no unwanted / undocumented side effects?

If you haven't, you are just blindly trusting a vendor with zero legal recourse if anything goes sideways. That's not how security and associated auditing / hardening works.

And at this point, it's fairly clear you have a machine with a "disabled" ME that you want to feel safe using, and are perfectly willing to bury your head in the sand (figuratively) to keep that safe feeling. That's fine, but also insufficient for us that need real security vs. a mere feeling of safety.

That's not how evidence works. HAP bit is shown to stop further interaction with known documented API.

Your claim is on the same level of saying the ME can contact aliens with a beam of psychic energy.

With the setting it is indeed "ineffective" and "inoperative", after it has read it and executed it.

If you want something that does not need to read a setting you are looking for "removed"

It is disabled after the board init phase, which means after the first 100ms or whatever when you press the power button.

And you can 100% guarantee that your Power CPUs don't in fact contain another CPU running a secret OS that is accessible only by using secret and undocumented instructions?
(which is actually shown to be possible and somewhat true for some older VIA CPUs where you do have such instructions to do nice things)
Fuck off with this bs.

While on Intel in most cases firmware access is widely available and anything can write to it.

We found 3-4 hours of while running web apps, office apps, or image editing.

Honestly, putting a dGPU in all workstation laptops makes little sense. The most graphically demanding thing I use for work is a web browser, and an integrated GPU is good enough even for accelerating image editing.

Since Thunderbolt exists, I think there would be plenty of people who'd rather have an integrated GPU on the go, and the possibility to hook external one up if it's needed for something like playing games outside of work.

He is talking of the more "free" type of workers, artists and freelancers that are the backbone of Apple's reputation and brand recognition.
And yes, they commonly value long battery life.

If it wasn't for them that set the brand as desirable, the corporate drones you mention would be tapping away on HP or Dell laptops instead.