It makes attacks much more limited. You need physical access to whatever machine you're attacking, versus being able to distribute code to millions of machines at once over the internet. That matters a ton.