Thank you for your post - but you must understand that the above is in and of itself an engineering decision.
There is no real reason not to make card BIOS mechanically protected, outside of the inconvenience of manual switching. I understand BIOS extensibility, and I really do wish it was true that such info was kept on the platters - if it were true, then I should be able to swap cards between HDDs (like we did back in the day) to effect repairs and retrieve data.
The size of any BIOS I am aware of can easily fit on on-board chips on the card with plenty of room for BIOS revisions, especially considering the size of flash chips available today. That part (the actual executable programming) should be all that is on the card, and that should, by all means, be protected by jumper.
Look at computer BIOS for comparison - writable to an extent, so extensible, but the actual BIOS itself must be flashed - all on-chip. Controller BIOS is nowhere near the size of computer BIOS, and computer BIOS is still quite tiny (if it is still CMOS).
This issue has been coming for a very long time. I can remember this being predicted way back when vid cards started going flash enabled. Shoot, they won't even write protect thumb drives for Pete's sake... That's just dumb.
However, what about vulnerabilities within the firmware itself? There could be malformed SATA commands, magic bit sequences, etc. that could very well allow new code to be placed on the platters and hidden from the host OS. Or data to be ferreted away for later retrieval.
So an immutable firmware would close one more door, but there are possibly so many more open.
To me, there is nothing that can mitigate these sorts of risks, barring not using machines. Sometimes, even as a systems software engineer myself, a Frank Herbert Dune-esque future seems positively alluring.