>>721
>What about old hardware? Like a Pentium 133 or an AMD k-6?
Sure, you shouldn't really need to go that far back though, also those CPUs are probably slower than the systems I listed. It seems to me that at the very minimum some K-7 and Netburst CPUs would be a possibility. It's difficult for me to give suggestions though because they've just been consistently moving in this direction for such a long time, and because in many cases the early developments of these technologies are either innocuous or simple to work around.
2006-2008 is the grey area for Intel CPUs because this is when things started going south with AMT, ME, TPM, Microcode, Speculative Execution, etc. You really do have to do some research into the individual CPU to know for sure in this time span. I honestly don't know as much about AMD CPUs, I know some of them have speculative instruction issues since 2003. They started getting Microcode in 2007, they got SEM at some point post-2003 and they got their PSP system in 2013. It probably took a generation or two for each of these things to become strong enough to be harmful though as in Intel CPUs. If you really want to go back to the vary root of most of this it's with trusted computing which started to slowly be implemented starting around 2003:
https://www.eff.org/wp/trusted-computing-promise-and-risk
https://www.eff.org/wp/meditations-trusted-computing
Another concern for x86
_64 systems is that they have non-free bios which need to be re-flashed with coreboot or libreboot in order to be able to boot using only free software. This problem is near universal with only a few examples of machines with modern Intel CPUs being the exception. Additionally the vast majority of systems lack support for libreboot/coreboot. Due to this there is no x86 system I can point to and say out of the box this is capable of running a desktop environment securely.