I actually looked at this article when it first came out in The Register.... And actually read the research paper they posted. There are a couple of pretty important caveats... If you have Android's version of whole "disk" encryption enabled, they can't actually read the full long term storage, so long as you don't have an unlocked bootloader (i.e., haven't rooted your phone). Apparently, the process of installing a new bootloader erases the long term storage. However, they can still do a RAM dump and obtain anything that was still living there in RAM memory.
However, if you have an unlocked bootloader, then they can install their custom ROM on the phone without overwriting the storage. And they can (usually) recover the encryption key from RAM and proceed to decrypt the entire storage area on the phone.
The disturbing thing is that several of the phones they tested shipped from the factory with an unlocked bootloader....
Oops.