Dark times lie ahead of 2nd hand market.
AMD EPYC CPUs have a subprocessor that essentially should be considered a hardware “root of trust”. Along the many features it has to offer there is one that “enables hardware validated boot”, which essentially allows vendors to bind the processor to their own hardware, so the chain of trust cannot be compromised. It is supposed to protect against “remote attackers seeking to embed malware into platform’s firmware”.
Quotes come from AMD presentations/statements.