It is not possible to truly glow-proof a modern PC that is connected to the internet. These machines are so complex that there will always be some vulnerability somewhere. This is especially true when dealing with the feds as they are known to sit on exploits they discover so they aren't patched [https://www.schneier.com/blog/archives/2016/08/the_nsa_is_hoar.html
]. There are some vulnerabilities that go down to the processor level, like Intel IME [https://en.wikipedia.org/wiki/Intel_Management_Engine
]. No computer can be assumed to be 100% secure.
The best most of us can hope to do is opt out of dragnet surveillance. This can be done by not giving out personally identifiable info: IP, govt. name, home address, traceable email/phone, credit card, etc; general avoidance of big web services; and don't use windows, android, or any other corporate or state produced OS. If your worried about targeted surveillance from the Feds, only real chance is with Tor or non-US vpn but even that's not a sure thing. Probably the single best thing you can do is to encrypt your hard drive, because that denies them the option of simply breaking down your door and seizing your machine to gather evidence. However none this is 100% effective, there will always be a vulnerability somewhere, your best bet at beating the feds is the fact that they have to economize their efforts and probably won't use their most exotic stuff on you unless you're a state actor or a violent terrorist.