Arch supports secure boot, by extension so do we, you need to add the bootloader to your firmwares trusted bootloaders with some devices if you are using multi-boot with a windows os. I’ve always just left secure boot enabled and personally haven’t had a problem.
Try and install Plop on your Windows Operating System. When your computer starts up, before you see the Windows logo you should see the Plop boot manager, and it will give you two options, whether to boot into Windows or to start Plop manager, start Plop and then you will be given the option to boot via USB
I have never heard of shim, can you please tell me what this is and what it does?
Nope not at all sorry about that. As far as I am aware, the way Plop works is by doing something to Windows that whenever you start your computer, before seeing the boot screen you will get two options, either to start Windows or to start Plop. After you click on Plop then you can boot from USB connection. That is all I know.
There is another option however. I can say that in Plop you are also given the option to write to MBR if you click on the file called InstallToMBR.bat. An alternative is to install EasyBCD and through that you can install Plop and I don’t know if it can bypass the HP protection or not.