>"Secure Boot" isn't actually there to protect the device from an attacker. It's there to "protect" the device from its own user. It's used to "secure" DRM schemes and App Store revenue streams.

1. Basically all the serious DRMs (eg. widevine L1) rely on the content being encrypted all the way to the display itself. The OS, secure boot or not, never sees the content in cleartext, because decryption happens in a secure enclave and is immediately encrypted to the display using HDCP.

2. The "app store revenue stream" excuse doesn't really make sense, because you can easily install third party apps on Android, even though nearly all phones have locked bootloaders.

Which is why even "unlocked" bootloader doesn't let the user load his own code into TrustZone.

The name "TrustZone" is rather ironic. It's most commonly used to run DRM code the user should never ever trust.