This is often stated as some sort of truism, but in fact this is just a statement that often happens to be true, rather than some immutable law of computers. You might equivalently say things like "All software sucks" or "Sex is fun" or "Milkshakes taste good". These are all generally true, and counterexamples are rare, but that does not mean that they are universally correct. Just like sometimes you find a good piece of software or get a bad milkshake, you can build systems such that physical access gains an attacker very little, if anything. It's expensive and takes a lot of work, but you can do it. For most uses, it is not worth that effort, since most computers are not really that valuable, nor are they placed anywhere that an attacker will normally be able to access them (your house, a colocation facility, etc). On the other hand, devices such as ATMs are both in vulnerable public locations and have a great deal of intrinsic value -- in the case of ATMs, that is not so much the fairly limited amount of cash inside of them, as it is access to the bank networks that the ATM is connected to.

In fact, of the list that argv presents, the only ones that are more or less universally correct are that it is much easier to steal or destroy the device when you have physical access. Personally I don't consider either of those particularly interesting, nor do they reflect anything upon the device in question besides the fact that it apparently doesn't come equipped with a team of killer androids to guard it. While I think that would be a wonderful value added scheme, the margins on killer androids are too low to make a good profit. Not to mention the product liability concerns...

For completeness, I will run down the list argv presents in sequence:

  • Console access, or messing with the boot loader These are simply pointing out that some operating systems don't have very good access control. Many other ones do (assuming they are configured correctly).

    Walking up to an unused but logged in console and getting something juicy is what is called a time to check to time of use (sometimes abbreviated to the lovely acronym TTCTTOU) problem. It's a common problem, and difficult to solve. I think it is worth pointing out that the exact same problem applies to any sort of remote connection as well, be it a session to a web application left open in a browser, an SSH terminal, or any other sort of channel that you can send commands over or read information from. In fact, using only the physical interface is a big disadvantage to an attacker - the machine itself could be at least somewhat secured (locked room, etc), and there is only one place to check if you want to make sure that nobody has left themselves logged in. In contrast, a remote connection might be coming from... well, anywhere, in theory, giving a nearly infinite1 number of possible places to secure or check.

    1: For small and finite values of infinite. Say a couple billion, I guess.

  • Substitution of boot media There are many well known cryptographic techniques which would prevent this. For example, the hardware could contain a small chip which checks RSA signatures on the boot loader and operating system kernel before it runs them. This is, more or less, how Palladium and TCPA will work, and within a few years most PCs are probably going to have chips just like the ones I mention courtesty of an unholy alliance of the MPAA, RIAA, Intel, IBM, AMD and Microsoft.
  • Steal the media Obviously encryption will make such an act pointless. In addition, this can be made quite difficult by, for example, covering the chip that contains the encryption keys with a metal shield and using lots of epoxy to seal it. You can drill in, but it takes some work, and there are tamper detection and response mechanisms used in high end crypto processors which can prevent all (known) physical attacks. These processors are used to secure billions of dollars worth of financial transactions. While it is certainly possible that some clever person has figured out how to defeat them and used it to steal money, this seems unlikely to me. Some of the best people in the public world doing computer security have tried to break in these processors, and generally failed. And large scale bank fraud is actually quite rare, and as breaking one of these cards could allow one to steal many millions of dollars, it seems likely that we would have heard about it. The banks often cover up fraud (European banks are especially bad about that), but it seems implausible that a single fraud event that reached into the millions of dollars would go unreported or unnoticed.

    To defeat encryption, argv suggests running a key logger or something on the machine. This makes a huge number of assumptions, presumably because argv is thinking about your typical Windows/Unix PC, not computers in general. It assumes that a key logger can actually work on the machine, which, these days, is basically only true on Windows machines where the regular user account has Admin privileges. A very common case, to be sure, but there is more to the world. A physical keylogger is a little more difficult to protect against; for that you're going to probably want smart cards that open up an encrypted tunnel between the smart card and the computer, so even if there is a tap in the reader or the line from the reader to the computer you should be safe. Assuming you can protect your smart card against differential power analysis and other nifty attacks that often work against smart cards, of course.

  • Chassis intrusion detection and self-destruct is suggested as a possible countermeasure, but the suggested problem, that "Such a system could be broken by anyone (e.g., a disgruntled employee) that knows how to disarm it." is almost silly. This is easy to work around: make it so that there is no way to disarm it. At first this seems like a really bad idea, but in fact there are plenty of devices out there like this. Doing this for an entire server or PC is obviously annoying, since you can't upgrade your hard drive to store more pr0n, which is certainly inconvenient. So typically what is done instead is put a small ARM or MIPS based computer, with its own memory and operating system, on a PCI board. This board is then covered with all kinds of stuff to stop or detect physical intrusions; if any tamper attempt is detected, the device zeros out its master crypto keys (which everything else on the device is encrypted with), and/or blows fuses which render it inoperable or physically destroy its memory. Many of these tamper detection mechanisms are extremely sophisticated; the IBM 4758 is around the top of the line and has never fallen to a physical attack.

So, the summarize, the title of this node should in fact be "If you leave your computer entirely undefended against physical attacks, and an attacker gets physical access, then your system is already compromised."