Comment by garaetjjte

>As I see it, we got lucky with the x86 architecture

x86 situation is actually horrible. Not only there are SMM interrupts that are continuing to execute firmware code outside of OS control, it also has proprietary security processors running signed code (ME/PSP) with potentially unlimited access to main memory. M1 fares much better in category of "amount of proprietary code running that might affect your security": no firmware code running at all on the main CPU after bootloader passes control to the OS, and all coprocessors are safely gated behind IOMMUs.

As for other ARM PC consumer devices, they will probably use whatever Windows requires to boot, which is UEFI + ACPI.