And it does not neccessary mean a long time alone, I guess no-one has yet made "evil maid attack" for the N900 but flashing a custom bootloader and/or kernel will take less than a minute.

And once the low-level is compromised everything on top of it is too (great way to get those good long passwords for your encryption keys and/or read the master key directly from memory when it's used to encrypt the session key)