If it's turned off by default, it might as well be useless to protect the hundreds of millions of non-technical users who are more prone to get malware.
>But if I were to remove a MS key, am I right in assuming that that would prevent anybody from running windows on that machine (at least without installing the key or turning it of)?
Windows 8 boots fine without Secure Boot enabled or even supported.
However, if you remove Microsoft's key but leave Secure Boot enabled, you're indicating that you don't trust Microsoft's code, in which case Windows will be prevented from booting on that machine.
What is the value or the use case in removing Microsoft's key, leaving secure boot on and then trying to boot Windows on that machine?
The only real reason that I (as a Linux user) can see is for the amusement value, as well as the opportunity to watch others fail to boot Windows on this machine and the opportunity to engage in an extended philosophical discussion regarding this event.
What extended philosophical discussion do you intend to have? You told the computer not to trust MS code, then the computer refused to boot MS Windows.
>But if I were to remove a MS key, am I right in assuming that that would prevent anybody from running windows on that machine (at least without installing the key or turning it of)?
Windows 8 boots fine without Secure Boot enabled or even supported.
However, if you remove Microsoft's key but leave Secure Boot enabled, you're indicating that you don't trust Microsoft's code, in which case Windows will be prevented from booting on that machine.
What is the value or the use case in removing Microsoft's key, leaving secure boot on and then trying to boot Windows on that machine?