You aren't getting downvoted for explaining, you're getting downvoted
for the ridiculous assertion that we need to throw out basic Freedoms
like the ability to do whatever the fuck with hardware we own (including
running whatever the fuck we want on it) because there's a chance we
might be compromised.
Those who would give up essential liberty
to purchase a little temporary safety
deserve neither liberty nor safety.
You can run whatever you want. If you don't care about security, go to the firmware settings and turn off secure boot. If you do care about security, go to the firmware settings and add your own key, and then sign the boot loader for your operating system with the corresponding key.
1. This isn't about Microsoft having control. This is the only way to ship devices with Secure Boot enabled. What do you suggest exactly? That OEMs ship with Secure Boot enabled but without MS keys? Great. Everyone goes out, buys a new Windows laptop... and Windows doesn't boot.
2. You conveniently ignored everything about being able to disable it and enroll your own keys.
Your false ad hominem attack is insulting and wildly inaccurate. You'll note that I don't defend the use of Secure Boot on ARM where user-key-enrollment is forbidden. Not only is it insulting because it's blatantly ignoring half of my last post, it's also insulting because I've spent years campaigning against things like the Patriot Act with that quote and I'm well aware of the sentiment and enjoying freedom on my personal devices (as I tout my Galaxy Nexus with CM9 and unlocked bootloader).
