Considerations
Hardware¶
This section is going to be pretty short. There isn't much that needs to be said, though there are some important factors to consider when you choose a piece of hardware or software. Before I go any further, I believe in a healthy dose of brand disillusionment. I've seen way too much in my years in tech of people playing favorites for a big corporation, when that corporation don't care about anything but their bottom line.
There are two important factors when picking hardware. With software it gets a bit more complicated. You'll either end up looking for the best value or the best piece of hardware. Sometimes you can have both, although it's rare. Let's take AMD and Nvidia as examples. AMD for a long time used to be considered the best value, since you got good performance at a good price. Nowadays, this isn't so much the case, given the pricing of cards from both brands.
Putting that aside, you do need to take other factors into consideration, as we are now going to cover the security aspect. This is way more important than most people think; cheap spending here can become a serious issue. In regards to things like motherboards, CPUs, GPUs, etc, the brands tend to be pretty solid. Anything from Nvidia, Intel, AMD, ASUS, MSI, ASRock, Apple, EVGA, Sapphire, etc, is solid. What you have to be careful of is the cheap stuff with odd brand names. A good example of this is if you search for SSDs on Amazon. You'll find cheap offerings with the weirdest names that don't make any sense and can't be pronounced. This is because they are untrustworthy pieces of garbage that are pumped out from some random place that could have firmware or hardware implants that allow them to spy on you.
A person from a Western bloc country shouldn't use hardware or software from an Eastern bloc country if they care about security and privacy. If you aren't aware of what I'm referencing, there's a lot of info on Google. And I'm not talking about the physical locations of a country. Even though Japan's in the Eastern part of the world, it's a Western bloc country through and through.
If you want to vet your hardware more from a security perspective, you'll need to figure out who makes the hardware and where. For example, Samsung and TSMC make a lot of hardware these days. One is a South Korean company and the other is a Taiwanese country. These are both good sources. Another example is Apple. People might try to argue this one with me, but I'll point to how stringent they are with their hardware and software. They aren't going to risk their brand and reputation by letting an Eastern bloc country tamper with their products.
One of the most important choices a person can make regarding hardware is their phone. A phone is something almost everyone has with them all the time, since our society has become glued to them. It's an intelligence agency's dream. It has a camera, microphone, all the persons personal life, contacts, GPS history, and so on, available in one central place.
I also caution you if you are a Western bloc citizen to avoid any phone made in the East. I don't care for brands like Samsung that much, though their phones work just fine. Apple has been my preference for a long time, due to the hardware and software, and the fact that they are extremely stringent about who's allowed inside the walled garden. You get what you pay for. A cheap $40 phone will absolutely cost you in other ways.
I've seen plenty of comments on forums and Reddit threads of some truly genius people who say things like they will just get a phone with Eastern ties just because they don't trust Western intel agencies and that having their data collected by an Eastern intelligence agency doesn't matter, since they don't live there. It's a dumb way to look at it, but to each their own.
Software¶
Now software is similar in regards to things like the ties to the part of the world it comes from, but in some ways is a way more important consideration. You need to also be aware of who the devs are, what companies they are tied to, their history in the community, what the software is capable of, etc.
First, I'll cover closed and open source software. Closed source means the source code is hidden and can't be seen by anyone. Windows is an example of this. Open source means anyone can see the code, and be modified by other people. Linux distros are an example of this. Things can get muddy here, so bear with me.
In regards to security, open source isn't the end-all be-all that some people try to make it out to be. Just because something has code available to the public doesn't mean anything. There's plenty of dangerous software on places like GitHub. Unless people have gone through and verified every line of code to verify it isn't malicious, you wouldn't know and could be installing a virus. Now, I recommend some open source software, but it's because what I do recommend has been used by a lot of people and it's been in the community for a while. Things like Cryptomator, NixOS, Portmaster, LibreOffice, and so on are incredible and add a lot of value to people that use them. I don't just recommend something random because it's open source.
Closed source has its own considerations. For example, if you were looking to use a piece of software for your business, there's a good chance you'd use a SaaS company. Most SaaS companies have closed source software. In spite of what many in the open source community believe, closed source isn't the evil it gets portrayed as. I wouldn't expect these companies to allow their IP to be visible to everyone so other people can come along and ripoff the work that was done. The other thing to consider is closed source in the context of a business. Sure, there's been some crappy companies with bad software, but every industry and profession will end up with some crappers. Companies like Apple would never risk their reputation to do something stupid like hide malware in their products. There's also small software companies I use that wouldn't dream of doing something like that. There's plenty of great closed source software out there.
One special note on closed source. If you end up coming across some niche piece of software and it's just a person behind it and no business, be wary. This is especially true if the person doesn't have their identity known to the public. Many a malware has spread this way, because people trusted something that looked legit, but it was a piece of concealed malware. If someone is going to release a piece of software, stay hidden behind an internet identity, and they aren't even in business, why the hell would the software need to be closed source?
There are so many different use cases and needs of people that I couldn't possibly cover all the combinations of what people might be looking for. It's important to do your due diligence. All the safety tools and measures in the world in the hands of a careless user won't stop malware.