Either secure boot brings more security, or it was in fact designed to lock Linux away.
Since even you recognise that the benefits in the security area are negligible...
And all the sucessfull Linux installs only prove on thing: the community was able to find and excellent solution to work around the problem!
If we look at the secure boot specifications we can easily see the intent:
.MS controls everything
.We pay MS to boot Linux
.Vague specifications about interface or mechanisms to disable/bypass this system
.Little security added
.And now, the master key is on the wild... which everyone knew it could happen

Just my two cents.

Was thinking the same. Are there ARM/RT ThinkPads? Sounds like something cheap and durable for the better GNU/Linux work...

Now that this key is out, the Surface RT is now a pretty awesome bit of kit and I probably would have bought one new.

Microsoft are retarded for locking down Windows RT.

So... you're trying to be sarcastic? News for you: sarcasm doesn't work over the internet, because nobody can see your intonation and facial expression.

How unreliable is it to run "fastboot oem unlock" or "fastboot flashing unlock" (new form)?
Oh right, you have a locked out SAMSUCK. Why would you even BUY a SAMSUCK? Its not as if there aren't a billion websites telling you that they're crippled crap with bloat.
Buy a GOOD phone, unlock the bloody thing, and build a boot image from AOSP source with TWO patches and ONE extra file;
(1) System core patch: https://github.com/seSuperuser/AOSP-...tem_core.patch
(2) sepolicy patch: https://github.com/seSuperuser/AOSP-...sepolicy.patch
(3) "su" binary located at /sbin/ built from: https://github.com/seSuperuser/Super...peruser/jni/su

Then you install superuser application as any other application, either built from source (same repository as the su source) or from play store: https://play.google.com/store/apps/d...uperuser&hl=en

So do tell me... where are the "hacks"? Where is the "unreliability"?

I had to scratch my head for a minute on that one, website looked perfectly ok, no trippyness, just a bunch of text, the way the internet was meant to be.
Then I noticed the unobtrusive blue bar at the bottom of the screen... oh right, "Scripts Currently Forbidden".

Seriously dude, you need to use noscript plugin. It makes the internet a WAY happier place.

Actually it references the cracking scene. Cracked games had a "cracktro" like this one.

How can something be secure if something called "The golden key" even exists

For us, this is really a non-problem. Unless you can't replace or disable the Microsoft key in the UEFI menu, or were using one of these Microsoft-issued keys.
You can still install your own trust chain if you could, and it won't be altered.

That said, it opens a whole new world of custom OS installations on some of the most locked down Microsoft products (phone and RT).
I would be interested in knowing whether the Xbox one is affected or not. This could get really interesting.

Btw, This is great news for running custom roms on Windows Phones.

Back then Secure Boot was an issue for both camps, as most UEFI firmwares weren't (many still aren't) able to turn it off without a firmware upgrade first to a later version, so whatever was new had to stay locked to Windows for a year or so.
Many many UEFI don't accept custom keys, so you can only disable it alltogether.

THat said, yes, it clearly was a way to get more control over what could run in UEFI systems, why does MS have the master key? Because they were the ones you had to pass through to get "official" keys

Nah, we had malware in MBR area on HDDs, but they won't touch UEFI boot process because they like fair play.

Secure Boot should have been like the one on Android (or embedded anyway) if it was for Microsoft. Point is, OEMs and hardware manufacturers weren't that OK with it so it never went like that.