When I was writing that post, I had actually added a second paragraph that basically said "I hope there were some standard mechanisms for the hardware to refuse mounting without a password or some other verification system". I eventually deleted it because there might well be something of the sort already, in the bowels of TPM specs and similar.
There is no reason, imho, why we shouldn't strive to "encrypt all the things", including buses, so that data is guaranteed to be available only to fully-trusted chains. This should obviously be configurable by administrators, with destruction guarantees when options are relaxed. This will not be for everyone (and yes, it will likely always be weak against the $5-wrench attack), but for people who really need it (like deployed troops, whose default opsec practices are typically too lax to be left to humans).