These risks don't seem to materialize if you're not targeted by something like an intelligence agency. Not sure publicly funded research has such security requirements, at least by default (they can always buy custom equipment for a project, or just not put such data on devices you take home / out and about). Might be worth it compared to the very real benefits it has around the world by paying good salaries and fairer material sourcing

▲

protimewaster 2 hours ago | parent [-]

That's probably true, but some of the mistakes FP has made in the past could probably be widely exploited, so it doesn't instill a lot of confidence IMO. E.g., they were signing their OS images with the AOSP test keys.

	▲	Vinnl 2 hours ago \| parent [-]
		It's not a particularly old company (a little over ten years I think?), so presumably they've had to learn a lot of those kinds of lessons at the start of their lifetime. But at this stage, I'd assume they've learned the lowest-hanging lessons, at least.