Yes, but there may be a technical reason for that. I’ve developed firmware for many ARM-based devices (although nothing as big as an M1), and the typical secure boot process is something along the lines of:
- Public keys burned into the chip’s e-fuses (Apple probably puts their keys in ROM for their chips)
- The on-die pre-boot firmware validates the attached-flash bootloader via those keys, allowing it to become a root of trust
- That bootloader then authenticates your OS and boots it.
The on-die pre-boot firmware is usually far too limited to boot from anything other than the chip’s local flash (either on-die or hard-wired to it).
It’s not like a PC, where the lowest-level firmware is a ROM chip on the motherboard, and the lowest-level bootloader is on a storage device.
Now, Apple could’ve designed Apple Silicon to boot in the PC way (or using Open Firmware, like they did on the PowerPC Macs), but that might be problematic with an ARM chip. I’m not sure, but every ARM processor I’ve seen boots this way, so it might require some significant changes to change that.
I disagree with this also. Unlike RAM, which needs to be tightly coupled with the CPU in order to get the performance people expect today, storage is not like that. Even Apple’s integrated flash modules are NVMe devices using PCIe lanes for connectivity.
Apple can easily put that in sockets. And they do on the Mac Studio and the Mac Pro. It’s a design choice, not a technical limit that prevents them from doing it on other model Macs.
I think that’s a side effect of the fact that Apple Silicon (like other ARM processors I’ve seen) seems to need to pull its first stage boot loader from internal flash.
But if that flash storage was replaceable, there would no longer be a practical problem. Apple could (and should) sell you a replacement module, which you can install and pair with the CPU (e.g. via Configurator), which would let you get back up and running from your clone.
They already did this for the Intel Mac Pro’s proprietary flash modules, so they know how. They just need to choose to do it.
Another option (which I think would work just fine) would be to install two distinct flash storage devices. A small SSD (doesn’t need to be very fast either) that just holds the ISC and preboot containers (what you need to boot everything else) and then the full-size SSD (however big you want to pay for) for the macOS container.
The preboot containers are written very very rarely, so it is unlikely that they’ll ever hit their write-limit over the lifetime of the computer. And if the other SSD (with macOS) fails, it won’t take down the preboot containers, allowing you to continue booting external drives.
And that option wouldn’t break Apple’s secure-boot system architecture either.
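As an added illustration (not the commenter's code, and not anything Apple ships), here is the three-step chain described in the post modelled in Go with ed25519: the root public key stands in for the key burned into e-fuses or ROM, the bootloader image carries the key the next stage is checked against, and the OS is only accepted once every link verifies. The `Image` layout, the key names and the sample payload bytes are all constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Image models one signed stage: its code plus the public key this stage
// will trust for the next stage. Both fields are covered by the signature.
type Image struct {
	Code    []byte
	NextKey ed25519.PublicKey // empty for the final stage (the OS)
	Sig     []byte
}

// signedBytes returns exactly what the signer covers: code and next-stage key.
func signedBytes(img Image) []byte {
	return append(append([]byte{}, img.Code...), img.NextKey...)
}

// VerifyChain plays the on-die pre-boot firmware: it trusts only rootKey,
// checks the bootloader with it, then checks the OS with the key carried
// inside the (now verified) bootloader. Any failed link halts the boot.
func VerifyChain(rootKey ed25519.PublicKey, bootloader, kernel Image) error {
	if !ed25519.Verify(rootKey, signedBytes(bootloader), bootloader.Sig) {
		return errors.New("bootloader signature invalid: halt")
	}
	if len(bootloader.NextKey) != ed25519.PublicKeySize {
		return errors.New("bootloader carries no usable OS key: halt")
	}
	if !ed25519.Verify(bootloader.NextKey, signedBytes(kernel), kernel.Sig) {
		return errors.New("OS signature invalid: halt")
	}
	return nil
}

// BuildChain creates a constructed sample chain: fresh keys, a kernel signed
// by the bootloader key, and a bootloader (carrying that key) signed by root.
func BuildChain() (ed25519.PublicKey, Image, Image) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	blPub, blPriv, _ := ed25519.GenerateKey(rand.Reader)
	kernel := Image{Code: []byte("OS kernel (constructed sample)")}
	kernel.Sig = ed25519.Sign(blPriv, signedBytes(kernel))
	bl := Image{Code: []byte("bootloader (constructed sample)"), NextKey: blPub}
	bl.Sig = ed25519.Sign(rootPriv, signedBytes(bl))
	return rootPub, bl, kernel
}

func main() {
	rootPub, bl, kernel := BuildChain()
	fmt.Println("chain verifies:", VerifyChain(rootPub, bl, kernel) == nil)
}
```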