Why this doesn't matter for security
Actually the Monty Pythons provided us with a great metaphor for the problem.
UEFI security is just like the Black Knight. He's stationed at a bridge. (as seen by the tent and the fire) And does his best to keep people from crossing it. And at first he succeeds with it. That's just like UEFI secure boot which tries to bring security by restricting the boot process and restricting the firmware you can boot.
Then Sir Lancelot comes and fights with him, hacking off limb after limb while the knight doesn't seem to understand that even after having lost the first arm he essentially lost. This is what we are seeing here. First the Samsung debacle which sheds some light on the bad code quality of the UEFI code, then a careless vendor leaving the secret signing key lying around.
In the end we see Sir Lancelot crossing that bridge. It's not a large bridge, with much less effort and risk than fighting the Black Knight, he could have easily crossed it at another point. So fighting the Black Knight was entirely pointless. It's similar for UEFI. Sure once you managed to change the boot code you could do just about anything with ease, however in order to access the boot process at all, you must first bypass all the security measures you want to bypass by for example virtualizating the kernel. So you must already be at the goal to start your journey. You already must be root to begin with it.
One really wonders why they haven't learned from history.