*If* Cisco is trusted, and intercepted boxes really is the main risk, Cisco could design their hardware to have its entire firmware on an SD card and no non-volatile storage whatsoever in the rest of the hardware. Any concerned customer can then source and burn their own SD card from a file downloaded from Cisco using a secure method after checking that there are no hardware additions present by referencing a securely downloaded photograph of what the board ought to look like.