This week a security hole was discovered in Linux-based G1 cellular phone Android 1.0 that allowed you to gain root access to the device.
The trick was that you have to start up a telnetd server on the phone, and then anyone who knows your IP address can log into the machine without a password to an administrator account.
When the phone booted it started up a command shell as root and sent every keystroke you ever typed on the keyboard from then on to that shell. Thus every word you typed, in addition to going to the foreground application would be silently and invisibly interpreted as a command and executed with superuser privileges.