Observation
Any security system that relies on a user never making a mistake is fundamentally flawed; users will make mistakes. Thus the UEFI security model was written by complete idiots who are relying on user perfection. Everyone (and I am including myself in this) will make mistakes when it comes to security for numerous reasons, even the most skilled and aware. It justs takes the right person to make the mistake and security just got flushed.