I'm not an expert in security. At all. But, why is so much being done at the boot end of this? After all, most people effected by computer in-security are windows users who probably never do anything at a boot level. Get get zapped by malware and viruses which are installed much later than boot.
I may be wrong (again) but I suspect that this has nothing to do with security ... except the security of forcing people to commit to a certain OS.