It very clearly is restrictive of software freedom. I've never suffered from an evil maid breaking into my house to access my computer, but I've _very_ frequently suffered from corporations trying to prevent me from doing what I wish with my own things. We need to push back on this notion that this sort of thing was _ever_ for the end-user's benefit, because it's not.
This happens much less frequently than the manufacturer of "my" computing device verifies that I haven't tampered with it. On net, it's a wholesale destruction of user freedom.
"it's a wholesale destruction of user freedom." This is ridiculously hyperbolic language for what are basically fancy digital signatures. There is nothing stopping you from using two different systems, one that passes attestation and one that doesn't.
The better question then is why the actual f** can an OTA firmware update touch anything in the steering or powertrain of the car, or why do I even need a computer that's connected to anything, and one which does more than just make sure I get the right amount of fuel and spark, or why on earth do people tolerate this sort of insanity.
If a malicious update can be pushed because of some failure in the signature verification checks (which already exist), what makes you think the threat actor won’t have access to signing keys?
This is not what attestation is even seeking to solve.
Firmware upgrades don't need to use the same protocols. Without secure boot any applet can take a security hole escalate and persist until you take a trip to a zone of interest.
With secure-boot+attestation, the vendors can choose not to let you download the latest map data, report you to the authorities, etc.
