The physical access required for an evil maid attack is very different from the "physical access" required to give you a malicious USB device. In that sense this is a lot more scary. As are aforementioned Thunderbolt and Firewire attacks; without an IOMMU, those are a security nightmare too.
