I don't believe this is true, GPLv3 only requires that the user has the ability to replace installed binaries with their own modified versions, it's not specific as to how this is accomplished. The simplest and most effective way would be to provide for key management or disabling by the end user.
If anyone ever asked me, I'd suggest that one way for manufacturers to accomplish GPLv3 compliance in this regard would be to tie the boot loader verification to some tamper evident seal inside the unit. If you break the seal then you can load your own keys or disable the boot lock and it's clear that the device software is now your responsibility and not the manufacturers, also this might disable any DRM encumbered software on the box, like media players. That seems to be a win-win, manufacturers can safely ship GPLv3 software and users have full control over their devices.