And how many times has Intel's trusted computing platform been breached now? Would you also claim that SGX is not a meaningful security measure? Recall that the alternative to Secure Boot is ... oh that's right, there isn't an equivalent alternative.
People have broken into bank vaults. That doesn't mean that bank vaults don't provide meaningful security.
> So do UEFI systems. Install OS, test boot, enroll PK.
"Enroll PK" is "draw the rest of the fucking owl" territory.
I believe you somewhat misunderstood OP. The description was of the empty hardware. Typical hardware would ship with an OS already installed and marked as trusted. It's the flow for changing the OS that would be different.
> automatically enroll the first key it sees from disk (supply chain issue, like I posted)
I'm unconvinced. You're supposing an attacker that can compromise an OEM's imaging solution but not the (user configurable!) key store? That seems like an overly specific attack vector to me.