It was everything for awhile, but the end architecture design did allow people to choose to not use secure-boot or to load their own keys on some boards. It did make some devices - mainly tabletized laptops - pretty much unusable for anything but the installed OS though.
Browser DRM though… That’s just getting started
I setup a mini PC that runs as a PXE server. Pretty much anything with an Ethernet port can boot from it and play a bunch of of classic games I’ve got on disc, plus some GoG titles etc. It’s awesome.
Projects like OpenSpy also make some of the old dead titles playable again
This is one reason why the changes to the boot process on X86 were a major concern, if machines only boot an an OS with a “trusted” signing keys then it is a pretty straight path to MS-only. Lack of published architecture assist gets here and there are X86 machines that will fail spectacularly on Linux due to this (weird EFI boot stuff, certain chipsets for such drivers can’t be had or made, etc). Hardware-level DRM is a major threat.
Then add in stuff like browser-based DRM. Oh cool, you can install whatever you want but this differently stuff will only play on Chrome with the DRM extension enabled, maybe sending CPUID info, and doing a bunch of other stuff for lock-in that makes the IE6+ActiveX/MS-JS pale in comparison
A lot of people will probably just continue using Windows 10, but yeah now I’m wondering what the best models are that don’t quiiiite support 11. I’d love to snag an decent tablet-PC