So if someone breaks into my house and gets access to my device and another device on my network to execute a man in the middle attack, they could bypass secureboot which I don’t use anyway? Because I’m okay with that.

Even more non-news than the TPM thing

Given you need physical access (afaiu), there’s an easier root route: you come with a flash drive that also has shim, boot from it, and do whatever you wanted to do.

Now if you don’t want whoever to be able to bypass suckure boot, you remove microshit’s keys and install your own ones. Coincidentally, you don’t really need a crutch - that is shim - in that case.

The author sounds like they don’t fully understand Linux or how Linux boots.

Anyone can just boot off of a USB or remove and modify the disk. The really protection for Linux is full disk encryption with a strong password.