Make the control key writable. The user would need so sign the new key with the current key in order to write the new key (that would prevent malware from replacing the key with its own, taking control away from the user). Another way would be to require the user to flip a hardware switch before the boot guard key is replaced (malware can't flip random hardware switches on their own). The vendor would provide the initial private key to the user upon computer purchase and if they would not, they would be legally liable for fraud (the key to this feature would need to be legally declared to be the "title" for the computer and if the seller says in ads etc that "you own the computer" but they fail to provide the title to the computer (the Boot Guard Private Key), the user shall be able to sue the key out of them along with punitive damages.