Users who care enough to do so can enrol their own keys using the extremely well documented process to do that.

Users who don’t care about the runtime integrity of their machine can just turn it off.

Both options are so easy that you could’ve learned how to do them on your machine in the time that you spent posting misinformation in this thread.