One of the items often missing from discussions on security on the Internet is that the first step of security is physical security. Phrases like "once they have it it's over" and "DRM is not security" are not just mantras; they reflect that.
To secure a thing, you are supposed to literally secure the thing, as in, placing the equipment away from walls, bolted down to the floor, chassis locked and rigged for self destruction, perimeters patrolled and monitored by armed guards.
Software security is the additional parts that build on top of that physical security. Hardware root of trust, Secure Boot, code signing, all help, but physical security has to come first.
If you're throwing out the coffee maker not securely erased (military guys call it zeroizing - cool), or not maintaining custody of it by either keeping it to yourself or having dogs and your grandsons taking part in watching it at all times, then the coffee maker is technically not secure, by any of those alone.