Physicall access + time alone means cracked device, always. This is the first rule of information security.

I suggest adding http://www.schneier.com/ to your RSS feeds.

I have some ideas for better security on N900 (probably they have holes in them, I'm not Bruce Schneier...) but in general encryption too will only slow the attacker down as long as the master private key is on the device (most encryption systems use session keys as well so in case a key for single file is cracked not all files are lost, there are many good reasons for this but lecture on cryptoanalysis would make this post very long).

The master key is important since if you have weak password protecting the master key then it's quickly cracked (cracking the actual encryption is infeasible as long as the implementation is sane).