That's a good idea! I'm quite sure that all data is encrypted at rest by default on all M* Mac models, so all you'd need is a second system partition. Never mount them at the same time and you'll have acceptable protection on anything that doesn't have chip vulns. So M3 and up is fine right now.

Yeah, the only obvious hole I can think of, without thinking too much about it, would be something infecting the boot loader. A physical switch would prevent that, but there are probably other ways to mitigate.

Yeah. Privilege escalation could turn off secure boot - at least all I needed was admin to turn it off last time I tested that. So that risk remains, but it is pretty obvious that this is happening when you boot, because it tells you and iirc it doesn't auto boot then.
