I’ve never understood the fascination with perceiving Secure Boot as ushering in an age of tech serfdom. From almost the beginning, they signed Red Hat’s boot shim which made it totally useless for locking people to Windows. I don’t think this was ever the plan, and the motivations aren’t there unless you buy all that stuff about every huge tech company hating “universal computers” on principle. Linux is not a measurable thorn in Microsoft’s side on the desktop market, and they don’t have nearly enough leverage to make OEMs stop selling Linux servers.
Because IBM/RHEL pays Microsoft for the key (shim). Plus with Linus/BSD, once boot starts their own microcode is loaded.
Secure boot as far as Linux is concerned is extortion from the users.
I’m guessing the source for Red Hat having to pay to have the shim signed is “I made it the fuck up”, but even if it was true I’m not going to cry about an IBM subsidiary paying money to give me a free service. And this is all ignoring the fact that I’ve never encountered an x86 motherboard that didn’t let you set your own keys.