It is even worse. The attempt to escape into OSS/Linux is a step in the right direction. But as long as we are dependent on mass consumer hardware then there is always a risk of being spied through hardware backdoors. In this case it doesn't matter which software we use. Even encryption is useless. It is NOT enough to avoid Windows 8 because the real problem is modern hardware that uses Trusted Computing chips.
Trusted Computing (TC) is way more dangerous than classical hardware backdoors. I consider TC an evil technology because it not only takes control away from the user but it even allows to inject faked evidence into computers which could make innocent people -- independent journalists, political activists etc. -- suspect to crime.
TC could also be used to delete evidence from computers of journalists who would have no power to keep it. TC allows to control people without letting them even know about it. TC is a huge danger for freedom of speech. It should be banned politcally and boycotted in business. My recommendation: Don't buy consumer hardware but use embedded Linux systems with bare bone technology.
If we want to be truly secure from being spied then we must do a complete restart with new hardware and software from scratch. There is no way around.
I am actually "glad" about the NSA scandal (thank you Snowden) because it woke people up and made them aware of the reality of global surveilliance, and about the huge threats of Trusted Computing. NSA should be controlled by the people of the United States but obviously it has become out of control. This single NSA case has silenced the mouth of the conspiracy mockers once and for all.
It is the job of the hackers to think about the whole mess, and to develop solutions that actually work and which guarantee freedom of speech to us. Hacking insecure systems is one thing but now they have the opportunity to prove how smart they really are.
Meanwhile you could google around for "Linux embedded systems".
A mainboard with such a feature just needs a hidden remotely accessible subsystem that is completely protected by TPM and which has access to your system through DMA, to read bytes and to write bytes in whatever system (RAM, Harddisks, SDcards, USB, WLAN, etc).
Consider it a "dual system" mainboard with the usual hardware where you have full control, plus a controlling subsystem where you have no access at all. Everything could be done remotely but you couldn't see any evidence.
I agree that this could be done in principle, and even that it isn't unlikely that people are thinking about doing it. But is there any evidence that such a subsystem has ever been created? Are there any additional technical details surrounding this?
I think journalists or other hobbyists/professionals with work they need to protect should start thinking about keeping an air-gapped computer around. I've seen this phrase used recently to describe a computer which has never been connected to the internet, a network or another device. I'm sure it's non-trivial to source a computer that arrives in a trustworthy state, however.