
Yes, but how meaningful is that?

If a thief breaks into my house, I don't particularly care if he can access the drawer where I keep pencils.



I'm not sure I understand this but if you prefer it in terms of strange analogies - you're walking past a construction site where they're building a high-rise and see they're hammering a giant steel pylon into the ground. You smirk and say 'that won't keep the rain out!'.


My analogy was somewhat stupid and I apologize.

Stated better: it appears to me that the consequence of a malicious app getting root is already so incredibly catastrophic, that at that point it makes little difference whether or not SIP is enabled.


Right, and I'm trying (and seemingly failing, sorry) to convince you you are looking at it backwards. SIP is not there to magically save you in a system where an all-powerful administrative account is compromised. The goal is to come up with a system that doesn't have something like an all-powerful administrative account, among other security improvements. It's only part of an effort to retrofit an existing consumer desktop OS to be more resilient to adversarial software - a long and arduous one that all makers of consumer OSes are engaged in and have been for years.


Put another way, you’re saying macOS’s admin account is currently too powerful? Even if Apple is able to eventually change that—and it would take a while—it doesn’t make SIP useful for security as of right now.

Edit: Also, security be damned, I don’t want to use an OS without a proper root account! So while not entirely relevant to the discussion, I know that I would either continue to turn off SIP or move to another platform.


You get around it with things like SIP. Getting root on iOS is not, for instance, the absolute security game-over you are describing and it's a related OS.

Let's say you wanted an OS with better privilege control and other clever security doodads people have come up with in the years since merely having user accounts seemed like unconscionable oppression. If you don't care about backward compatibility much and start with Linux and a JVM you might end up with something like Android. If you start with Linux and Chrome you might end up with something like ChromeOS. If you start with OS X you might end up with something like iOS. If you start from scratch you might end up with something like Fuchsia.

But what if you do care about backward compatibility? You then have a far more difficult, thankless and long-term job. If you start with OS X, somewhere along the line you'll have something like OS X + SIP + Sandbox + FDE. Or Windows NT + UAC + irritating autoreboots in the middle of the night. We're in the 'somewhere along the line' stage.
