Because the entire stack is auditable here. There's no Cisco backdoor, no Intel ME, no hidden malware from a zombie NPM package. It's all your hardware.


Except FPGA chips/boards aren't free from malware either: https://www.iacr.org/archive/ches2012/74280019/74280019.pdf

Nor will you be immune from AMD Vitis/Vivado sideloading crap into the bitstream.

Sadly, you have to fab your own chips using sovereign facilities if you want security. Individuals simply cannot access genuinely high-assurance product, and there's no major government in the world with the slightest interest in changing their stance on this policy. There are simply too many governments long on SIGINT to go down such a route.