At this point in time, esp. given the raving lunacy of the US White House, those of us outside the "West", wonder the same thing about US companies.

Iphone is made by Chinese companies too. Same with Tesla. A lot of those components made by purely Chinese companies and yes can be trace to individuals who are CCP. It is extremely hard to source another purely away from any Chinese connections. If you say the main company is USA, you seems to ignore how the pager exploding setup was done. Go into any IT rooms in USA and you audit it as zero from China even if you ignore Taiwan as recognized by American law as part of China. We can't buy anything truly made non-China. Even F35 has some components (and that is official, unofficial we dont know) made in China. Google want to sell Motorola to American companies, not even Pentagon or NSA bother back then. Think about it, how hard to engineer a backdoor exactly same components (say capacitor) or motors during shipment for those phones.

The true reason you can't trust a Chinese company, and other countries can't trust US companies, is the Western patent regime that allows various companies to sit on patents for absurd amounts of times, preventing others from selling you completely clean hardware on which every piece of software can be replaced.

Good point. It's a good thing that, say, Google is notoriously independent from the US government, and has never had any ties to it whatsoever.

The whole point about having an open platform from boot is you don't have to trust it. You run your own code from first power on.

Is it possible that it's backdoored, have a secret opcode / management engine? Probably, but that goes to everyone, as it's not practical to analyze what's in the chip (unless you're decapping them and all)

I don't know what secure environments you're talking about, if it's an airgapped system then you should be secure even when what's inside 'tries to get out'.

Depends on what environment you mean. Chinese secure environments would see a Chinese OEM as an advantage vs. Google Pixels. In the US yeah you'd want a Pixel.

European tech is in shambles and everyone else is barely holding it together outside of tech.

> Lenovo originated as an offshoot of a state-owned research institute.

From Wikipedia: https://en.wikipedia.org/wiki/Lenovo

That's the entire point of verified boot with custom keys, you don't need to trust Motorola or Lenovo. You can control what runs from the first boot, the threat model for a compromised supply chain is different from a backdoored chip. If you are worried about the latter that applies to every manufacturer including Google & Apple.

what does "secure environment" mean?