<blockquote>being able to change the keys is mandatory for Windows x86 computers. That's a big relief. </blockquote>
We do ourselves a huge disservice by allowing a distinction of acceptable lockdown between computers by architecture. ARM computers are computers just like x86 computers and run Linux and Windows just the same. We are just on the cusp of the time when ARM stops being an arch used only in phones and tablets and you get ARM servers, laptops, desktops, home-server, NAS, PVRs.
If you don't feel this is acceptable on x86 then you shouldn't feel it's acceptable on ARM either. I feel this is outrageous. It's true that locked-down bootloaders is not new, but this is going to be _standard_ locked-down bootloaders, enforced by an outfit with a great deal of power to get manufacturers to do what it wants. MS may have negligible penetration of Windows on ARM, but the windows network effects are achitecture-independent, in that if you need MS project for line-management at work, it makes no difference at all whether the machine is x86 or ARM. Except that if you tried to save energy by using ARM machines, you can't switch to Linux any more.
Most of the engineers here use Linux desktops, with a windows VM for the few things you need one for (filing expenses, project management stuff). We are keen to move desktops to ARM as soon as it's practical. EUFI lockdown could seriously hamper that process unless non-locked-down hardware is widely available. Purchasing aren't going to like having to buy different lenovo boxes depending on which OS they will put on it - they don't have to currently.
Maybe it'll be OK, and it _could_ backfire in that it'll keep Windows out of some areas (like server sales) but I'm not terribly optimisitic. MS did a good job of defeating the netbook linux option without this little advantage. I suspect they can do it again in laptops and desktops. Servers, probably not.