>"Secure Boot" isn't actually there to protect the device from an attacker. It's there to "protect" the device from its own user. It's used to "secure" DRM schemes and App Store revenue streams.
1. Basically all the serious DRMs (eg. widevine L1) rely on the content being encrypted all the way to the display itself. The OS, secure boot or not, never sees the content in cleartext, because decryption happens in a secure enclave and is immediately encrypted to the display using HDCP.
2. The "app store revenue stream" excuse doesn't really make sense, because you can easily install third party apps on Android, even though nearly all phones have locked bootloaders.
1. Basically all the serious DRMs (eg. widevine L1) rely on the content being encrypted all the way to the display itself. The OS, secure boot or not, never sees the content in cleartext, because decryption happens in a secure enclave and is immediately encrypted to the display using HDCP.
2. The "app store revenue stream" excuse doesn't really make sense, because you can easily install third party apps on Android, even though nearly all phones have locked bootloaders.