If might have been if AMD were opening up and Intel weren't.
EDIT to expand a bit since some people seem to be missing the point: hypothetically, GP might have preferred Intel on narrow technical criteria, but have been willing to override that preference for the sake of transparency. No transparency difference, no reason to override.
Well in this line of thought at least now there's a chance competition will set either/both on that path.
Fwiw I'm not ready to use open-ish ARM/POWER exclusively, but AMD/Intel'll have to contend with that soon(tm)
[Answer to parents EDIT]
I'd argue the effective technical difference set between AMD & Intel is growing ever narrower, and aside from brand fidelity there is very little reason for a consumer to have non-moral preferences to one or the other manufacturer.
I don't know the plans with TALOS II, but those who are interested in what happened to the original Talos Secure Workstation crowdfunding might be interested in the following article, which I think anybody, who is interested in how an alternative could look like, should read:
Sorry, I'm confused by your response. I was saying that if AMD took a different approach from Intel, it would have been a differentiating attribute and I would have been swayed in that direction.
ARM has TrustZone. OpenPOWER or RISC-V are the only real options at the moment, and both of them are prohibitively expensive to get hardware for and basically require using a softcore in an FPGA.
Are there examples of non-TrustZone ARM SoCs? I'm not aware of any, which would make it a moot point about whether a theoretical vendor could make the decision to not includ eit.
The hikey and hikey960 devboards let you build your own code to run in the trustzone - eg the boot chain isn't signed and secure. The trustzone and uefi implemention these boards use is also fully open source.
Maybe we should start with stating that the core of TZ is an execution mode of the ARM CPU privileged above the normal kernel mode, not a separate core running some obscure code. TZ can run any suitable hypervisor or just be left unused. It's nothing like the ME/PSP.
Still, some boards/devices may lock it down, for example by code signing.
I think it gets obfuscated due to the fact that about the only public information that AMD provides on the PSP is that it uses ARM Trustzone technology.
Most likely the best you'll get is either a fully usable TrustZone SoC (so you can have your bootloader or linux do what you want) or there are SKUs of SoC where the ROM locks the various TZ registers into certain configurations which is meant to disable any runtime usage of the TZ by higher level SW e.g. bootloader or OS.
If you are making something with the SoC.. it's probably safer to buy the locked down version of the SoC than to mess about with TZ or to leave it open.
An ARM CPU is hardly comparable to an Intel/AMD CPU. And I don't mean in terms of performance.
The CPUs from Intel/AMD are much more than a simple CPU, they are a complete system on a chip with a lot of more features that go beyond processing power for your system. On the other hand, an ARM CPU is just a simple CPU.
If you want to make comparisons, a more correct one would be between the Intel/AMD CPUs and a Snapdragon processor.
ARM chips have been full SoCs for far longer than x86 chips have been. It took a while for Intel and AMD to integrate the memory controllers and PCI root complex onto the CPU rather than in the northbridge.
AKAIK, only the Versatile/RealView style boards that an SoC manufacturer would get directly from ARM come with bare ARM chips. Anything other than that is an SoC.
My point is that an Intel/AMD product is a complete solution while an ARM product is just the very basic implementation of a CPU.
ARM doesn't mandate on anything related to the SoC except for the CPU, everything else related to PCI buses, memories, physical implementation, chipsets, etc, is up to the SoC developer to decide and implement.
And event then you have to trust the closed source synthesis tools on top of the FPGA itself... Of course it would be harder to backdoor but it's probably doable, especially if it targets those particular designs specifically.
There's simply no way to get a completely trusted computer stack nowadays, short of assembling it by hand using discrete electronics. It won't run very fast though...
I guess an alternative would be to crowdfund the production of an open source CPU then take a few samples and send them to people with an electron microscope and a lot of patience to make sure that the silicon really matches the design and wasn't tempered with in the fab.
