Literally the only difference between a system with secure boot and one without is that unsigned boot components (such as the ones used by prior UEFI bootkits) won't boot. The fact that they don't work is absolutely evidence of the effectiveness of the control.