They've gone on the record that they saw significantly better end-user security when the hardware used had TPM, SecureBoot, et al. to ward off common attack vectors.
Common attack vectors aren't warded off by SecureBoot. Alternative OSes and messing with your own computer are the ones impacted. None of the common attacks on Windows need rewriting your boot loader.
It's essential for TCPI platform attestation, that has come back into fashion recently.
If with security you mean them having the ability to use your computer against you then yeah. They dont care about your security, they care about securing their profits which they will be able to safeguard with remote attestation and DRM.
It won't be your computer anymore, it will be a platform for them to show you ads on.
I genuinely struggling to see how TPM or SecureBoot improves security for normal users. The vast majority of attacks are not done by evil maids, but by zero-days, poorly configured software, or being phised.
my 2014 PC has TPM 2.0 and supports secure boot but is not on the list of supported chips
not that it matters, I binned Windows everywhere when it was clear with Windows 10 release that the platform is now designed to work against the users interests
Security.
They've gone on the record that they saw significantly better end-user security when the hardware used had TPM, SecureBoot, et al. to ward off common attack vectors.
I am inclined to believe them.