Comment by marcan_42

Support for external disks massively increases the attack surface of the security-sensitive iBoot bootloader, and anything messing with USB (nevermind Thunderbolt) is almost guaranteed to have exploitable attack surface. This was absolutely a technical decision. iBoot is a lot simpler not supporting external storage.

The SecureROM boots iBoot1 from NOR flash, then that has the SSD driver code. It would certainly be possible to add support for external storage, as long as it still fits in NOR. But I doubt they will.