Personally I'd prefer to buy off-the-shelf hardware and just snip the mic and camera.
So, OEM buys 10k units, chooses a few samples and tests them. Then he sends all the units on to his logistics warehouse to fulfill customer orders. The shipment from the testing facility to the warehouse is an interesting target now. Alternatively, the outgoing orders from that logistics warehouse.
An induvidual customer buying one laptop is no closer to his goal of ensuring no outside party tampered with it.
> published specs
I'm curious how published specs help a regular user verify his laptop does not contain manufacturing backdoors.
I've seen many suggestions for hardware integrity, but none of them enables the end user to verify that his hardware exactly matches with the published schematics/ASIC masks. They all simplify the problem description to only reach part of the way, requiring trust on part of the end user in all the later links in the chain. Or they just assume that the customer is buying 10k units - which does nothing to help individual end-users.