
It's pretty bonkers that you trust a computer vendor to control the firmware on your PC but not the CA chain. If Dell is determined to listen to your conversations, they can spy from the hardware, keylog beneath the OS, or literally listen through an embedded microphone.


People don't trust their hardware vendors because they're trustworthy; they trust them because they don't have any real choice.

If my preferred OEM offered me the choice between a locked-down opaque system, and an /equivalent/ system that is completely open and verifiable, I'd choose the second option every single time. I expect many would as well.


Sure. I'm just saying it's easier to verify the CA list than verify the hardware, and the hardware gives the OEM a superset of what they can do with the CA list.



