Unix philosophy has long been that the person with physical access to the machine owns it. This would only be acceptable for a very specific class of compute jobs where nobody cares if you hack them. Like computation for charitable purposes. You could never host peoples personal or business data in this. Furthermore bandwidth would be limited and unreliable, as would power.
Physical access means you can directly measure things that would otherwise be secret. Nothing stops you from reading the contents of memory wholesale, for one simple example.
For some things we are, but I don't know how far along open source software is currently. It would take a major incentive to get people to even talk openly about what's possible in this space.
CPU Technology like Intel Software Guard Extension or AMDs Secure Memory Encryption closes that gap as well. It's not magic and might be flawed in its current forms - I'm no expert on that - but I do believe in a not too far away future physical access will no longer provide cheap attack vectors.
Physical intrusion detection can be defeated. All it takes is one person to open it up to document where the microswitches are, and a careful bit of work with some tin snips and you're in.
Yes all physical security can be defeated but you could make it exceptionally difficult to do. As an example, I used to work on financial terminals and sat across the isle from one of the security engineers. They actually embedded conductors in the case that created a known EM field when the case was closed. If you opened the case, it disturbed the field and erases the keys. If you drill a hole in the case, it disturbs the field. If you melt the case and insert a metallic object (screw driver or knife) it disturbs the field. This was just one of the physical security measures.
tl;dr - modern physical security is much more than microswitches.
I'm not sure. Say you have a few TBs of random sensor data to crunch, and you allocate chunks of a few GBs to each node. What can anyone in practice do with that? Especially if you have checks to avoid tampering with results (e.g. processing every chunk twice).
"Especially if you have checks to avoid tampering with results (e.g. processing every chunk twice)."
See, that's the problem every time this comes up (and it's come up about as often as micropayments). By the time you get done accounting for the unreliability, hostile end-users, lack of access, customer support, low-grade obsolete inefficient un-fixable infrastructure, increased avenues for attack, duplicate processing, super-high latency, super-low bandwidth etc, you've created something that's several times slower, more expensive, more unreliable, more complex, and harder to upgrade than if you'd just stuck it all in a datacenter where you don't have to propose insane mechanisms like double your computations.
Unix philosophy has long been that the person with physical access to the machine owns it. This would only be acceptable for a very specific class of compute jobs where nobody cares if you hack them. Like computation for charitable purposes. You could never host peoples personal or business data in this. Furthermore bandwidth would be limited and unreliable, as would power.