How can they offer a secure boot solution under the GPLv3 - my understanding is the anti tivoization clauses means they need to release their keys or allow admins and hackers and others to escape the secure boot chain if they are physically in front of the machine or own the machine.
I don't know anything, but I remember hearing it's secure boot with only their releases, if you want to run your own software it's not secure boot anymore, but you're free to run whatever you want.
One issue with this is normally this requires a bypass of secure boot option.
So device is not set and forget secure, but you have to physically secure it (not that you wouldn't, but now it can really matter if someone has physical access to the machine).
GPLv3 has been used more recently as a block to others taking code and developing things further given some of the clauses and incompatibilities it introduced.
