Tom,
Right. Apple previously didn't *enable* this function, but they didn't take security actions to make it impossible, either. Now, they have. So now, if you want to enable TRIM, you have to install a patch or take action manually that disables the *entire* driver signing mechanism.
That's bad design.
Now, you can argue that you don't make the system any less secure under OS X 10.10 than it was under OS X 10.9, since you're disabling a feature that wasn't previously available. Nonetheless, if the goal is to improve the security environment for all users, you need to offer security features that users don't need to disable to keep using their previously purchased hardware.
That's the real problem here. And while I absolutely agree that Apple didn't previously support this mode directly, they're now forcing users to pick between a less secure operating mode or buying new, Apple approved hardware at Apple-decided prices.