
> This definition would generally bar you from using phone modems, Wifi cards, and GPUs. With some exceptions, their CPUs have nothing to run without external help, so they are forced to load and run arbitrary code to even be operational.

Although I personally don't always consider this to be a hard reason not to use hardware, yes, I am indeed quite grumpy about the fact that most of my systems contain parts that I don't control. As to practical fallout, it varies by impact and options; since AFAIK I can't buy a modem that doesn't use binary blobs, I just factor it into my threat model with mitigations where reasonable (thankfully, not all phones expose all of main memory to the modem) and move on, but where there are reasonable options (yes, that's weasel-worded; I haven't yet switched to POWER because I don't want to pay 10x for my machines) I use them; for instance, when I buy a phone I filter by whether it has an unlockable bootloader.

> The artificial constraint is either that the code (firmware) is closed, or both closed and signed.

Yes, agreed.


