Well, I've been thinking about this a while, and figured I'd post it here and see what kinds of ideas/responses I managed to get back... but, let's just say that I'm working on/with a "new converged" device (eg. the HandSpring Trio, Danger's hiptop Sidekick and various other PocketPCs -- just to mention a few).

Part of the many features of many of these devices, though, is a handy SD Card or similar, often with an "autoboot" feature or, well... these cards, continually getting cheaper and cheaper (especially for smaller capacity cards). And, well... I keep wondering how "tough" it would be for someone to create a trojan or similar nasty program that, when slid in to the slot would install and hide itself (autoboot anyone?) and immediately create a TCP connection out to a host of its choice and, well... say goodbye to your data and your privacy? Slide the card back out and all traces are cleared... pretty simple, really.

Kind of adds a "whole new level" to pickpocketing (ie. discretely sliding a card in to your device for you) or, "Excuse me sir, I'm supposed to meet someone here and they're late - can I borrow your phone for one quick second please?" *shuder*

To me, the possibilities are frightening...