Its just as risky for a non-American buying from a US company. And despite what others have said, customs can be a point of interception. But it’s not customs you need to worry about, they hand-off to the spy agencies to do their thing when they get a valid order to do so. Example program:
Like others have said though, your threat model is what’s important. And if you are a person of interest to security agencies eg a whistleblower or journalist then you’d be wise to have someone you know make the purchase instead of you.
I’d be more concerned about Chinese products in general, as they have been caught again and again with pre-embedded untargeted malware. Meaning, everyone who ordered that model got a helping of malware, not just those under active surveillance by three letter agencies.
If you’re not a person of interest though then you are 99.99% safe. You could always reinstall the OS when you get it and ensure the bootloader is locked. Again that would keep everyone except state security agencies out.
Its just as risky for a non-American buying from a US company. And despite what others have said, customs can be a point of interception. But it’s not customs you need to worry about, they hand-off to the spy agencies to do their thing when they get a valid order to do so. Example program:
https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/
Like others have said though, your threat model is what’s important. And if you are a person of interest to security agencies eg a whistleblower or journalist then you’d be wise to have someone you know make the purchase instead of you.
I’d be more concerned about Chinese products in general, as they have been caught again and again with pre-embedded untargeted malware. Meaning, everyone who ordered that model got a helping of malware, not just those under active surveillance by three letter agencies.
A few examples in this blog entry: https://georgetownsecuritystudiesreview.org/2018/05/23/flawed-by-design-electronics-with-pre-installed-malware/
If you’re not a person of interest though then you are 99.99% safe. You could always reinstall the OS when you get it and ensure the bootloader is locked. Again that would keep everyone except state security agencies out.