I'd guess it is a matter of priorities (do you want the safest, best-tested environment, or something less tested?).

However, assuming the source is easily bootstrappable, someone should try producing an unofficial port to Arm and Risc V. I'm sure it would reveal some security holes, even if it isn't appropriate (yet) for tails' target audience.

I agree, and you have to make the PRs you want to see. I don’t think this project of free software has a big (or perhaps any) budget!

I'm so tired of seeing this argument. Most "big" open-source projects are well funded. Usually the reason they don't support <<obvious thing>> is poor leadership, not funding.

Over the past two years Tails has received 500k USD in bitcoin alone:

https://www.blockchain.com/explorer/addresses/btc/bc1qjg53lw...

You can also surmise that they receive ~200k/yr from official sponsors:

https://tails.net/sponsors/index.en.html

Then you have all the paypal, bank, cash donations.

Is it enough to add support for a second arch that is fully supported upstream (they ship a customized Debian)? You decide.

That’s a lot of donations.