We should lock this thread as it is unrelated to Development.
But to your point - highly speculative, no disclosures have ever confirmed it etc. If you’re targeted, you are screwed because computers are swiss cheese to highly advanced attackers, meaning CPU backdoors aren’t needed. See here:
The following is just a small sample of the hundreds of advanced implants and tools currently in use. Needless to say, advanced adversaries can achieve almost any outcome they like:
- Exfiltrate or modify information / data including removable flash drives (SALVAGERABBIT).
- Log keystrokes or browser history (GROK, FOGGYBOTTOM).
- Surreptitiously turn on cameras or microphones (CAPTIVATEAUDIENCE, GUMFISH).
- Exploit VPN and VOIP data (HAMMERCHANT, HAMMERSTEIN).
- Block certain websites (QUANTUMSKY).
- Corrupt downloads (QUANTUMCOPPER).
- Present fake or malware-ridden servers (FOXACID, QUANTUMHAND).
- Launch malware attacks (SECONDDATE).
- Upload and download data from an infected machine (VALIDATOR).
- Detect certain targets for attack (TURMOIL).
- Collect images of computer screens (VAGRANT).
- Collect from LAN implants (MINERALIZE).
- Image the hard drive (LIFESAFER).
- Jump air-gaps (GENIE).
- Inject ethernet packets onto targets (RADON).
- And much, much more.
In other words, if your threat model involves these agencies, you basically can’t do anything online or on electronic devices, because you’ll be owned. Full stop.