[saagarjha]

> And, the typical scenario will be a user who leaves it disabled, making both macOS and Linux and possibly Windows (if also installed) more vulnerable to bootkit attacks.

No way. The typical user will leave it enabled because they will only use macOS.

[X-Istence]

Bootcamp will also install Microsoft's root for UEFI so that Windows 10 can run fully secure.

[userbinator]

So Apple will let you run macOS or Windows, but not Linux or anything else. Wow. This is the exact scenario the secure boot opponents several years ago were trying to stop.

[oarsinsync]

No, Apple will let you secure boot into macOS or Windows, and will allow you to disable secure boot so you can boot into Linux or anything else.