works as intended

As with all security, it's just risk management and deterrents. No security is 100%. Just doesn't exist. All a security system can do is reduce the risk of a breach by introducing increasingly difficult-to-overcome deterrents.

The classic example is home security. People lock their doors, sometimes with multiple locks. They place shim bars in windows. They buy alarm systems. They get dogs. The rich might even hire guards. But at the end of the day, there is no home that cannot be broken into if the robber has the time, skill, resources, and -- most important of all -- the determination.

Same goes for computers. Sure, you could replace a mobo, or sodder on some different chips, or whatever. But that's a lot of work, requires time, money, and know-how. It also requires "full" physical access vs "partial" physical access. That is, you need access to more than the cd tray and power button, which in a secured server room might require case keys.

Basically, it's easier to reboot to a LiveCD than to modify hardware. Therefor, hardware-assisted security is more powerful and lowers risks beyond what a software-only solution can provide.