[simpleTruth]

If you've got physical access to the machine in the cage you can do anything you want, which includes bypassing BIOS and Bootloader passwords in about 5 minutes.

That assumes you have unlimited physical access. 5 minutes per machine * 80 in a rack * 1,000+ racks is a real world limitation.

PS: The NSA has a vary different approach to security than the average firm. To put this in perspective they have been known to refer to their computing power not by computer or rack but by the Acre.

[peterwwillis]

True. But it would be unfeasible to access 16,000 machines even if there was no bootloader password. The best course of action is try to identify the management/admin server and take over that, which may have unrestricted access to every server on the VLAN (or as sometimes happens, every single server period).

(Also, what's your datacenter or machine profile that you can get 80 machines per rack and not hit overheading or overload your rack power circuits? We could only get 40 to be stable, but we were using commodity gear)