You are the one being naive. This will be a cryptographically signed stack from the TPM, to the bootloader to the OS to the browser. If you flip a single bit away from the "approved" that signature will fail.

This is why TPM should never have been allowed. It's a way for control to be removed from the user, even tho they wholly own the physical machine!

I'm not sure about this. TPMs can provide valuable features such as non-bruteforcable disk encryption and other secret management and secure boot can be valuable protection for your devices. The real problem here is that this is allowing a third-party to verify what software you are running. Doing these things on my device by my choice is one thing. Having another party require that I am using a specific unmodified software stack is another.