I've been reading about and by necessity mucking about with UEFI boot-related matters the past while as I get settled with Linux, reorganize partitions, etc., which led eventually to this – a sobering & still-topical read on the hardware/firmware-level erosion of your privacy and control of your own IT:
https://pluralistic.net/2024/01/18/descartes-delenda-est/#self-destruct-sequence-initiated
More here: https://en.wikipedia.org/wiki/UEFI#Secure_Boot_criticism