Comment 20 for bug 206924

Just for the record:

If you have guest accounts enabled on a mobile device, one may steal the device, and then log in as guest without rebooting. This someone will then have plenty of time digging for other exploids of software on the stolen device.