There should be some “Sane Usage” certification that a device doesn’t do secure boot, provides fully open and self-maintainable hardware, is independent of all external entities for ongoing use, provides hardware switches to turn off built-ins like ports, mics, and cameras, for power-savings and security.
"Will this piss off or delight Microsoft?" is probably a thought that goes through the heads of many OEMs when they decide how to design their machines.
To be able to get Windows licenses and preload Windows on your system, put that little Windows sticker and sell your machine to the masses, you need a Windows Compatibility certificate, and that certificate needs you to have Secure Boot and enabled by default.
Sounds anti-competitive as fuck to me. Maybe we should, I don't know; do something about companies using contractual requirements to lock key industrial into one way of doing things in order to shut down such efforts?
Microsoft has been trying to tread a fine line between exerting subtle pressure on OEMs to make Linux annoying to boot so it doesnt become more popular and not violating the terms of its antitrust agreement.