mmm... manually taking it out is cumbersome. And leaves some time vulnerable to remote attacks (during boot and between boot and removal).
Sure. Same issue w.r.t how realistic such an attack would be compared to the clear and obvious attacks to your freedom perpetrated in the name of "secure boot".
uSD cards already have a microcontroller in them. And some have been hacked, I think. You could design one that has a way to define a read only part (not like the SD cards that have that switch which only asks the O.S. "please don't write me" but like the microcontrolled answering "nah nah nah I don't hear you" when write requests to the specified range arrive).
Probably easier would be to make a µSd card where the little switch is not just advisory but is "put [...] in serial to the write enable in the EEPROM or NAND" on the card ;-)
Stefan