Hi Paul,
Thank you for sharing the article.
It's a shame how people at 'security' are putting other people in a cat-and-mouse game, forcing them to monitor them and take action on their own expense.
As they don't belong to the scrupulous, what about the scenario you watch the endorsed hardware page on FSF [1], buy a laptop from there, and they'd halt it at the post and infect something bad in it without anyone knowing it? How would you know?
Best Regards,