Make sure that someone doesn't tamper with your device. No, it's not infallible. Yes, it's better than nothing.

If I have access to the physical device and the SD card/USB drive in order to pull off an attack that secure boot prevents, then why wouldn't I just take the whole damn device and swap it with my own? Presumably the network/gpio/etc. are the important part here and not the Pi.

Well, if you have physical access, you can always do basically anything. I'm sure you can easily mess up a lot of industrial equipment with your bare hands.

However, let's say that the said industrial equipment is stored in a security box, with tamper-resistant screws, and you are on camera. It's a lot harder to tamper with then, compared to just plugging in a flash drive and rebooting the Pi into USB boot; at least in theory. Ditto for helping to prevent persistent remote attacks.

You'd presumably be using the secure boot to authenticate the device, on the network and elsewhere.

Why would someone tamper a RPI? Usually most people don't really store anything important on a RPI, other than services like searx or whatever.

It's not a powerful device for hosting databases, it's not really used for storage, only for small things like a Kodi server and even that lags.

There are several industry grade devices based on raspberry pi platform, LOL. Not just media servers. Some people also deploy them outdoors to stuff like weather, ADS-B etc. Some make it into cubesats. Don't just underestimate its use cases.

It has many use cases, but they don't really need extreme security. Secure boot is not really needed for something that's always running (a server).

I think the final user or implementor must be a judge of that not us.

Or the mitigation of someone running unsigned code on your product using an embedded pi.

Stop some ways supply chain attacks can happen.

Probably some other use cases I've not considered too.

DRM and Treacherous Computing.

Except you can use your own keys? Nothing stops you from signing the stuff yourself (other comments in this thread link to a step by step guide!)