Company 1 has a history of monopoly abuse (including giving OEMs financial incentives to not ship computers with competing OSes pre-installed).
Company 2 has let at least two (probably more) new mobile OSes bootstrap themselves using parts of its ecosystem.
Which company do you think is going to get the benefit of the doubt when introducing security features that make device modification more difficult?
That being said, I think the biggest issue with UEFI secure boot isn't the idea, it's the implementation. People have reported things like confusing, hard-to-use key enrollment interfaces (that sometimes don't work or even don't exist at all) and other crazy, undocumented restrictions (e.g. only allowing OSes with certain names). And there's a lot of concern that these issues won't be fixed in a timely fashion, because installing an alternative OS is a corner case use for most OEMs. And then there's the issue that there's no shared authority (across most OEMs) for signing off on bootloaders other than Microsoft. Add past history into all of that...
Meanwhile, on the Android side, there's a clear, standard unlocking process, implemented on the Nexus devices of each generation (worth noting that the Nexus 5 support was added to a well-known rooting tool within minutes of the tools developer getting the device). Yes, there's still potential for problems and abuse (e.g. bootloaders locked by manufacturers, usually by carrier request), but the issues and pitfalls are relatively well-understood, including ways of avoiding them (buy from manufacturers that offer a bootloader unlock process, avoid AT&T and Verizon-specific devices and so on). And these issues need to be balanced against the security benefits. There are certainly still issues to watch out for, but past history suggests that they will be balanced appropriately.
Company 1 has a history of monopoly abuse (including giving OEMs financial incentives to not ship computers with competing OSes pre-installed).
Company 2 has let at least two (probably more) new mobile OSes bootstrap themselves using parts of its ecosystem.
Which company do you think is going to get the benefit of the doubt when introducing security features that make device modification more difficult?
That being said, I think the biggest issue with UEFI secure boot isn't the idea, it's the implementation. People have reported things like confusing, hard-to-use key enrollment interfaces (that sometimes don't work or even don't exist at all) and other crazy, undocumented restrictions (e.g. only allowing OSes with certain names). And there's a lot of concern that these issues won't be fixed in a timely fashion, because installing an alternative OS is a corner case use for most OEMs. And then there's the issue that there's no shared authority (across most OEMs) for signing off on bootloaders other than Microsoft. Add past history into all of that...
Meanwhile, on the Android side, there's a clear, standard unlocking process, implemented on the Nexus devices of each generation (worth noting that the Nexus 5 support was added to a well-known rooting tool within minutes of the tools developer getting the device). Yes, there's still potential for problems and abuse (e.g. bootloaders locked by manufacturers, usually by carrier request), but the issues and pitfalls are relatively well-understood, including ways of avoiding them (buy from manufacturers that offer a bootloader unlock process, avoid AT&T and Verizon-specific devices and so on). And these issues need to be balanced against the security benefits. There are certainly still issues to watch out for, but past history suggests that they will be balanced appropriately.