Considerations
Hardware¶
This section is going to be pretty short. There isn't much that needs to be said, though there are some important factors to consider when you choose a piece of hardware or software. Before I go any further, I believe in a healthy dose of brand disillusionment. I've seen way too much in my years in tech of people playing favorites for a big corporation, when that corporation doesn't give a damn about anything but their bottom line.
There are two important factors when picking hardware. With software it gets a bit more complicated. You will either end up looking for the best value or the best piece of hardware. Sometimes you can have both, although it's pretty rare. Let's take AMD and Nvidia as examples. AMD for a long time used to be considered the best value, since you got good performance at a good price. Nowadays, this isn't so much the case, given the pricing of cards from both brands.
Putting that aside, you do need to take other factors into consideration, as we are now going to cover the cybersecurity aspect. This is way more important than most people think, cheap spending here can become a serious issue. In regards to things like motherboards, CPUs, GPUs, etc, the brands tend to be pretty solid. Anything from Nvidia, Intel, AMD, ASUS, MSI, ASRock, Apple, EVGA, Sapphire, etc, is going to be trustworthy. What you really have to be careful of is the cheap stuff with odd brand names. A very good example of this is if you search for SSDs on Amazon. You'll find cheap offerings with the weirdest names that don't make any sense and can't be pronounced. This is because they are untrustworthy pieces of garbage that are pumped out from some random place that could very likely have firmware or hardware implants that allow them to spy on you.
I'm not going to get into a geopolitical shitflinging contest, so don't try to start something where there's nothing. What I will say is that a person from a Western bloc country shouldn't use hardware or software from an Eastern bloc country. If you aren't aware of what I'm referencing, there's a lot of info on Google. And I'm not talking about the physical locations of a country. Japan may be in the Eastern part of the world, but it's a Western bloc country through and through.
If you want to vet your hardware more from a cybersecurity perspective, you'll need to figure out who makes the hardware and where. For example, Samsung and TSMC make quite a lot of hardware these days. One is a South Korean company and the other is a Taiwanese country. These are both trustworthy sources. Another example of a good choice is Apple. People might try to argue this one with me, but I'll point to how stringent they are with their hardware and software. They aren't going to risk their brand and reputation by letting an Eastern bloc country tamper with their products.
One of the most important choices a person can make regarding hardware is their phone. A phone is something almost everyone has with them all the time, since our society has become glued to the damn things. It is an intelligence agency's dream. It has a camera, microphone, all the persons personal life, contacts, GPS history, and so on available in one central place.
I've said it before and I'll say it again. There's no point in trying to outsmart and outplay Five Eyes. They will always get what they want. Even if you got an extremely secure phone with no backdoors, most people cannot fathom how easy it is to be tracked and monitored and how many different data points can be collected on a person. I don't waste my time or energy with things like Graphene. It's a good piece of software and I respect the devs; I just see it as pointless if a person is trying to avoid Five Eyes. It's a different story if you want something that protects you from corporate tracking.
I also caution you if you are a Western bloc citizen to avoid any phone made in the East. You really need to stick with something trustworthy. I don't care for brands like Samsung that much, though their phones work just fine. Apple has been my preference for a long time, due to the hardware and software, and the fact that they are extremely stringent about who's allowed inside the walled garden. You get what you pay for. A cheap $40 phone will absolutely cost you in other ways.
I've seen plenty of comments on forums and Reddit threads of some truly genius people who say things like they will just get a phone with Eastern ties just because they don't trust Western intel agencies and that having their data collected by an Eastern intelligence agency doesn't matter, since they don't live there. This is such a stupid f'ing way of looking at it, but I won't waste my time arguing with people that think that way.
Software¶
Now software is similar in regards to things like the ties to the part of the world it comes from, but in some ways is a way more important consideration. You need to also be aware of who the devs are, what companies they are tied to, their history in the community, what the software is capable of, etc.
First, I'll cover closed and open source software. Closed source means the source code is hidden and can't be seen by anyone. Windows is an example of this. Open source means anyone can see the code, and be modified by other people. Linux distros are an example of this. Things can get muddy here, so bear with me.
In regards to cybersecurity, open source isn't the end-all be-all that some people try to make it out to be. Just because something has it's code available to the public doesn't mean anything. There's plenty of dangerous software on places like GitHub. Unless people have gone through and verified every line of code that it isn't malicious, you wouldn't know and could just very easily be installing a virus. Now, I recommend some open source software, but it's because what I do recommend has been used by a lot of people and it's been in the community for a while. Things like Cryptomator, NixOS, Portmaster, LibreOffice, and so on are incredible and add a lot of value to people that use them. I don't just recommend some random shit because it's open source.
Closed source has its own considerations. For example, if you were looking to use a piece of software for your business, there's a good chance you'd use a SaaS company. Most SaaS companies have closed source software. In spite of what many in the open source community believe, closed source isn't the evil it gets portrayed as. I wouldn't expect these companies to just allow their IP to be visible to everyone so other people can come along and ripoff the work that was done. The other thing to consider is closed source in the context of a business. Sure, there's been some crappy companies with bad software, but every industry and profession will end up with some crappers. Companies like Apple would never risk their reputation to do something stupid like hide malware in their stuff. There's also small software companies I use that wouldn't dream of doing dumb shit like that. There's a lot of great closed source software out there.
One special note on closed source though. If you end up coming across some niche piece of software and it's just a person behind it and no business, be wary. This is especially true if the person doesn't have their identity known to the public. Many a malware has spread this way, because people trusted something that looked legit, but it was a piece of concealed malware. If someone is going to release a piece of software, stay hidden behind an internet identity, and they aren't even in business, why the hell would the software need to be closed source?
There's so many different use cases and needs of people that I couldn't possibly cover all the combinations of what people might be looking for. In the future, I may add software recommendations so people can have an idea of stuff that's good, but it's really important that you do your due diligence. All the safety tools and measures in the world in the hands of a careless user won't stop malware.