by nottorp 361 days ago
I don't think Windows is using TPM for anything useful.

As for Secure boot, its main goal seems to be preventing you from installing non Windows operating systems.

2 comments

If you own the computer, you can enroll your own keys and sign any operating system you want. The UEFI vendors don't necessarily make this easy to do, nor do they support it in a consistent way, but it's there. Of course, Microsoft has no incentive to make this any easier, since their keys come preloaded on every computer.

The primary function of Secure Boot is to protect against bootkits. In a way, you're right, because for most desktop/laptop computers, a bootkit is indeed a "non-Windows operating system" that shouldn't be allowed to run. It's hard to get clear numbers on how prevalent bootkits actually are, but they're not purely theoretical. They can also be chained into compromising the UEFI and peripheral device firmware. So there's a real security threat being addressed by Secure Boot. Whether it should be required or not is really about the question of where the responsibility boundary between Microsoft and the end user lies.
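The key-enrollment route the comment above describes, as an added example that is not part of the thread: a bash script that checks the SecureBoot/SetupMode efivars, generates an owner PK/KEK/db, wraps them in signed EFI signature lists with efitools (cert-to-efi-sig-list, sign-efi-sig-list, efi-updatevar), enrolls them while the firmware is in Setup Mode, and signs a boot image with sbsigntools (sbsign, sbverify). The key directory, subject names and the efivars path are assumptions; the firmware must already have been put into Setup Mode (PK cleared) from its own menu.

```shell
#!/bin/bash
# Added example (not from the HN thread): enroll your own Secure Boot keys and
# sign a boot image with them. Requires efitools and sbsigntools.
# KEYDIR, the CNs and the efivars path are assumptions.
set -u

EFIVARS=/sys/firmware/efi/efivars
SB_GUID=8be4df61-93ca-11d2-aa0d-00e098032b8c   # EFI_GLOBAL_VARIABLE GUID
KEYDIR=${KEYDIR:-/root/secureboot-keys}

# efivarfs files are 4 bytes of attribute flags followed by the variable data.
# Print the first data byte (0 or 1) of a one-byte variable such as SecureBoot
# or SetupMode, or 2 if the file is unreadable or too short.
efivar_flag() {
    file=$1
    [ -r "$file" ] || { echo 2; return; }
    v=$(od -An -tu1 -j4 -N1 "$file" | tr -d ' ')
    [ -n "$v" ] && echo "$v" || echo 2
}

# Keys can only be replaced while SetupMode=1 (PK cleared); most firmware has a
# "clear Secure Boot keys" entry in its setup UI for exactly this.
sb_status() {
    sb=$(efivar_flag "$EFIVARS/SecureBoot-$SB_GUID")
    setup=$(efivar_flag "$EFIVARS/SetupMode-$SB_GUID")
    echo "SecureBoot=$sb SetupMode=$setup"
}

# One self-signed X.509 cert per variable. 2048-bit RSA is the safe choice;
# some firmware rejects larger keys or ECDSA.
make_keys() {
    mkdir -p "$KEYDIR" && cd "$KEYDIR" || return 1
    for name in PK KEK db; do
        openssl req -new -x509 -newkey rsa:2048 -sha256 -nodes -days 3650 \
            -subj "/CN=Example Owner $name/" -keyout "$name.key" -out "$name.crt"
    done
    uuidgen > owner.guid   # owner GUID, reused so later updates match
}

# Wrap each cert in an EFI_SIGNATURE_LIST and sign it with the key of the
# variable that authorises it: PK signs itself and KEK, KEK signs db.
make_auth() {
    cd "$KEYDIR" || return 1
    guid=$(cat owner.guid)
    for name in PK KEK db; do
        cert-to-efi-sig-list -g "$guid" "$name.crt" "$name.esl"
    done
    sign-efi-sig-list -k PK.key  -c PK.crt  PK  PK.esl  PK.auth
    sign-efi-sig-list -k PK.key  -c PK.crt  KEK KEK.esl KEK.auth
    sign-efi-sig-list -k KEK.key -c KEK.crt db  db.esl  db.auth
}

# Write db and KEK first; writing PK leaves Setup Mode, after which the
# firmware only accepts updates signed by the keys just enrolled.
enroll() {
    cd "$KEYDIR" || return 1
    chattr -i "$EFIVARS"/{PK,KEK,db}-* 2>/dev/null   # kernel marks them immutable
    efi-updatevar -f db.auth  db  &&
    efi-updatevar -f KEK.auth KEK &&
    efi-updatevar -f PK.auth  PK
}

# Sign a kernel, shim or UKI with the db key and verify the signature chain.
sign_image() {
    in=$1; out=${2:-$1.signed}
    sbsign --key "$KEYDIR/db.key" --cert "$KEYDIR/db.crt" --output "$out" "$in" &&
    sbverify --cert "$KEYDIR/db.crt" "$out"
}

case "${1:-}" in
    status)  sb_status ;;
    keys)    make_keys && make_auth ;;
    enroll)  enroll ;;
    sign)    sign_image "${2:-}" "${3:-}" ;;
    *)       echo "usage: $0 status|keys|enroll|sign <image> [out]" >&2 ;;
esac
```

Run `status` first and proceed only with SetupMode=1. Replacing db wholesale also drops Microsoft's UEFI CA, so GPUs and NICs with option ROMs signed by it stop initialising; if you need them, append Microsoft's db certificates with `efi-updatevar -a` rather than overwriting, which is the inconsistency in vendor support the comment alludes to.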

> If you own the computer, you can enroll your own keys and sign any operating system you want. The UEFI vendors don't necessarily make this easy to do, nor do they support it in a consistent way, but it's there

This is not unilaterally true and there is no reason they won't try to push more locked down computers now that the base technology is accepted.

> The primary function of Secure Boot is to protect against bootkits.

Which are pure FUD when it comes to regular users. Once your computer is owned to the point where a bootkit can install itself all the user data (what actually matters) is already long gone. Secure boot isn't going to help you one bit.

Not all malware is ransomware.

"They" will absolutely push more locked down computers, indeed this has become the norm in many areas of computing already, like smartphones, tablets, and video game consoles. For that same regular user, though, this is irrelevant: they're never going to install a different operating system.

A computer once compromised by a bootkit is also e-waste. It can never be trusted again. Now, I think an argument can be made that Secure Boot as implemented on most PCs isn't enough to truly protect against bootkits, but that just leads us to even more aggressive ways of locking people out of fully controlling their own computers.

Ultimately, Microsoft (and any PC O/S vendor that might supplant them in the future) will be expected by enterprises, judges, legislators, average home users, etc. to take responsibility for exploitation of "their" systems. Computers connected to the Internet 24/7 cannot rely on end-user discretion alone, and the effectiveness of such discretion varies widely anyway.

Responsibility would mean no services open to the internet by default and not running arbitrary code from any random web site though.

What you're describing is more like security theater.

Does the TPM protect grandma from malicious javascript? :)

"Services open to the Internet" is more of a 2000s problem than a modern problem. Operating systems default to being a lot less trusting of local networks today, and nearly every place you'd connect to WiFi already has a router with a "drop all unsolicited packets" policy. MITM is the big risk here, and the best way to address it is by using secure protocols (HTTPS, SSH, etc.) everywhere.

Mandatory code signing for web sites would go a long way to addressing some of the most common types of exploits we see today, and that doesn't require a TPM. I'd love to see it, but it is going to require some infrastructure and enforcement to work, and it too could become user-hostile (e.g., you can't block ads, because that would change the code).

Are we philosophising?

> "Services open to the Internet" is more of a 2000s problem than a modern problem.

Then why does Windows need a firewall that's on by default, if it has no open services?

> Mandatory code signing for web sites would go a long way to addressing some of the most common types of exploits we see today

All the spam I'm filtering today has their DKIM and domain whatever and and and ... in order. I'm sure it would be the same for $random_phishing_site. They do have legit looking SSL certs don't they?

> it too could become user-hostile (e.g., you can't block ads, because that would change the code)

Or even worse, you'd need to submit your site to a review from some authority, App Store style. Pay for the signature. Pay for the review process.

Can you spell barrier to entry and speech that's restricted via financial means?

BitLocker is not useful? Have you tried configuring LUKS with TPM? I recently got in trouble because I tried that: dracut rewrote my initrd but missed some options (somehow when dracut is missing a module it's just a warning?!) in the setupcrypt, so the damn thing wouldn't boot. Compared to the super streamlined experience with BitLocker (where the largest hassle is that you have to type your recovery key) it's a joke.

And the alternative is ZFS encryption which apparently still has data loss race condition bugs and the person submitting patches to fix those admits they have no idea why that happens.
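The LUKS-plus-TPM setup the comment above struggled with, as an added example that is not part of the thread: a bash script that enrolls a LUKS2 volume against the TPM with systemd-cryptenroll (PCR 7, so the key is released only under the Secure Boot state it was sealed under) plus a recovery key, forces the dracut modules in, and then checks the rebuilt initrd's file listing and /etc/crypttab instead of trusting dracut's warning-only behaviour. The device path, initrd path and the list of files a systemd-based initrd must contain for TPM2 unlock are assumptions.

```shell
#!/bin/bash
# Added example (not from the HN thread): bind LUKS2 to the TPM2 and verify the
# initrd actually carries the unlock path. DEV, INITRD and REQUIRED are assumptions.
set -u

DEV=${DEV:-/dev/nvme0n1p3}
KVER=${KVER:-$(uname -r)}
INITRD=${INITRD:-/boot/initramfs-$KVER.img}

# Paths a systemd initrd needs for TPM2-backed cryptsetup (assumed list).
# When dracut silently skips the tpm2-tss or crypt module these go missing and
# the boot degrades to a passphrase prompt, or hangs if none is configured.
REQUIRED='
usr/lib/systemd/systemd-cryptsetup
usr/lib/systemd/system-generators/systemd-cryptsetup-generator
libtss2-esys
libtss2-tcti-device
etc/crypttab
'

# Takes the file listing of an initrd (lsinitrd output, or any newline-separated
# list of paths) and reports every required entry that is absent.
# Returns 0 when all are present, 1 otherwise, so it can gate the reboot.
check_initrd_listing() {
    listing=$1
    missing=0
    for want in $REQUIRED; do
        if ! printf '%s\n' "$listing" | grep -q -- "$want"; then
            echo "missing from initrd: $want" >&2
            missing=1
        fi
    done
    return $missing
}

# Without a tpm2-device= option on an active crypttab line systemd never asks
# the TPM at all; comments and blank lines are ignored.
check_crypttab() {
    crypttab=$1
    printf '%s\n' "$crypttab" | grep -Ev '^[[:space:]]*(#|$)' | grep -q 'tpm2-device='
}

# Seal a new keyslot to PCR 7 and add a recovery key (the equivalent of the
# BitLocker recovery key); the existing passphrase slot stays as a fallback.
enroll_tpm2() {
    systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 "$DEV" &&
    systemd-cryptenroll --recovery-key "$DEV"
}

# Pin the modules, rebuild, and verify the result instead of reading warnings.
rebuild_initrd() {
    mkdir -p /etc/dracut.conf.d
    printf 'add_dracutmodules+=" tpm2-tss crypt systemd "\n' \
        > /etc/dracut.conf.d/90-tpm2.conf
    dracut --force "$INITRD" "$KVER" || return 1
    verify
}

verify() {
    check_initrd_listing "$(lsinitrd "$INITRD")" &&
    check_crypttab "$(cat /etc/crypttab)"
}

case "${1:-}" in
    enroll)  enroll_tpm2 ;;
    rebuild) rebuild_initrd ;;
    verify)  verify ;;
    *)       echo "usage: $0 enroll|rebuild|verify" >&2 ;;
esac
```

Order matters: `enroll`, then `rebuild`, then reboot only if `verify` exits 0. PCR 7 rather than PCR 0 is deliberate: a firmware update changes PCR 0 and would force the recovery key, while PCR 7 only changes when Secure Boot keys or state change, which is the case you actually want to be locked out of.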