Try to keep your computer in a safe location. Hardware alterations are more likely on public computers, in internet cafés or libraries, and on desktop computers, where a device is easier to hide.
Use a [[password manager|doc/encryption_and_privacy/manage_passwords]] to paste saved passwords. This way, you don't have to type passwords that might be visible to people or cameras near you.
Keyloggers are easy to buy and hide on desktop computers but not on laptops. For an example, see <a href="https://www.youtube.com/watch?v=6JJo8qCYE8M">KeeLog: KeyGrabber forensic keylogger getting started</a>.
Other hardware alterations are much more complicated and expensive to install. For an example, see <a href="https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/">Ars Technica: Photos of an NSA “upgrade” factory show Cisco router getting implant</a>.
Firmware includes the BIOS or UEFI and other software stored in electronic chips on the computer.All operating systems, including Tails, depend on firmware to start and run, so no operating system can protect against a firmware attack. In the same way that a car depends on the quality of the road it is driving on, operating systems depend on their firmware.
Firmware attacks have been demonstrated, but are complicated and expensive to perform. We don't know of any actual use against Tails users. For an example, see <a href=https://www.youtube.com/watch?v=sNYsfUNegEA>LegbaCore: Stealing GPG keys/emails in Tails via remote firmware infection</a>.