If you bootstrap your software from source code and use white listing at the kernel level and in your interpreters. Then there is no place where spyware could exist and run.
Firmware and microcode are just software unless you are talking about a Nexus Intruder Program style attack; in which case you are fucked even if you solder your own hardware. You’ll need to figure out how to bootstrap your own lithography without using any existing computers, as they could be subtly subverting any hardware that you made. (This was the ultimate weapon against Soviet computers after all)
If you bootstrap your software from source code and use white listing at the kernel level and in your interpreters. Then there is no place where spyware could exist and run.
But then your hardware may have malware embedded in it from supply chain risk. So gotta start soldering the motherboard yourself just to be safe.
Firmware and microcode are just software unless you are talking about a Nexus Intruder Program style attack; in which case you are fucked even if you solder your own hardware. You’ll need to figure out how to bootstrap your own lithography without using any existing computers, as they could be subtly subverting any hardware that you made. (This was the ultimate weapon against Soviet computers after all)