Comment by bigfatkitten
1 day ago
Secure boot is desirable for a lot of reasons including design protection (stopping your product being cloned), supply chain security, preventing malicious updates etc.
The question is one of how you can hand control to the user without endangering your legitimate commercial interests as well as the security of the rest of the fleet, exactly how you tackle that will depend on the product.
Don't get me wrong, I like secure boot and securing the boot chain more generally. Was just trying to respond on the merits here.
How would you envision the opt-in process for the unlocked second stage bootloader?