OTOH, carrying around a microphone connected to the Internet which can be remotely enabled at any time without leaving any real trace (battery use/network use is the only real sign, although even that could be covered up to a great degree -- there is probably a way to do either low-fidelity or infrequent audio pickup, maybe keyed on location and charger state, and on-device pre-processing) -- people do this all the time. Mostly because there's no real alternative to carrying a smartphone yet.
Plus, of course, there's the fact that no modern desktop OS is particularly secure -- either you give up auto-updates and likely fall to bugs, or use auto-updates and are at risk to your OS vendor or anyone who can compel him. So sensors attached to it, as well as stuff processed on it, are also at risk. You can somewhat mitigate this through a large combination of other protections, but it's almost impossible for a single user single machine to solve that problem.
I'd love a custom run of Dell Chromebook 13 or Lenovo ThinkPad 13 Chrome Edition with no built-in mic/camera, and an EPROM vs. EEPROM, and some special case features. Would be willing to commit to buy 10k units at ~$800/unit retail in 8-16GB x 32GB config.
Personally I'd prefer to buy off-the-shelf hardware and just snip the mic and camera.
So, OEM buys 10k units, chooses a few samples and tests them. Then he sends all the units on to his logistics warehouse to fulfill customer orders. The shipment from the testing facility to the warehouse is an interesting target now. Alternatively, the outgoing orders from that logistics warehouse.
An individual customer buying one laptop is no closer to his goal of ensuring no outside party tampered with it.
> published specs
I'm curious how published specs help a regular user verify his laptop does not contain manufacturing backdoors.
I've seen many suggestions for hardware integrity, but none of them enables the end user to verify that his hardware exactly matches with the published schematics/ASIC masks. They all simplify the problem description to only reach part of the way, requiring trust on the part of the end user in all the later links in the chain. Or they just assume that the customer is buying 10k units - which does nothing to help individual end-users.