Intel and AMD both have a "hidden core" (i.e., a 4-core processor is really a 5-core processor), and they run proprietary, closed-source operating systems that literally no one outside of Intel or the NSA has any idea what they do.
We do know it has full access to the fTPM, RAM, and network.
We also know that the NSA has a special contract to obtain Intel processors with the IME disabled... Why would they want that if the processors were trustworthy[1]?
A decade-old hidden Minix OS/IME probably shouldn't be trusted, regardless of company or government ownership percentages. My point was the TPM method assumes no one with malicious intent works at these firms for $8/hour, patched your shipment en route as a state-sponsored thief, or installs an OS that quietly mirrors keys into the cloud.
Nowadays you use the fTPM built inside the CPU. And if you don't trust the CPU maker, well, you have bigger problems.