LEGEND:
IME=Intel Management Engine
Linux can be a safe OS (is not perfect, but is Open Source so is difficult to place backdoors and other stuff). But with modern hardware security and privacy are not granted as happen with the good old hardware.
On the modern Intel CPU there is the "Intel Managment Engine", which is in ring 3 (all privileges!), with his own OS (Minix), and with complete access to network-stack, disk, etc.
AMD use something similar called PSP, some people said PSP is not dangerous and invasive like IME, some others said is the same thing.
Personally I prefer PC more OS (open source) as possible, with Intel we have a lot of good solutions
a)
NovaCustom, some laptops use Coreboot firmware, on some models is possible to disable the IME, the prices are not too high imho
b)
Minfree, some good thinkpad, with modern cpu and IME disabled, prices are low
c)
Purism, offer not only laptops but also minipc and servers with coreboot, very good. Prices are high-medium.
d)
System76 offer some good laptops with Coreboot, is possible to disable IME.
e)
Store Viking offer some laptops and Workstation with Opteron with coreboot. Prices are a little high.
f)
https://www.raptorcs.com/ offer a nice line of ppc Workstation with Open PPC Power 9 very powerful, completely Open Source (only the network card and some VGA are with proprietary firmwares), the prices are ultra-high.
Unfortunately ATM seems is not possible to disable AMD PSP, and Coreboot still don't support Ryzen. The only solution to avoid PSP is buy a CPU without it (only on Ryzen there is PSP, as I know)
What do you think about this?
What about the Raspberry Pi?
In your opinion PSP is dangerous as IME?