Good job! I hope to get one one day, too 
What I couldn't find is the answer to the following two questions (or maybe it is buried somewhere in these 84 pages), not even in their official site:
1) What happens if someone steals the device, dumps its memory and bruteforce the 10000 PINs offline? Is the memory protected, like in a Smart Card? Is the encryption key hardened (like after 100,000 rounds of sha256? Or is it a race between the attacker and the owner to move the funds?
2) How is the interface Trezor-Computer? There must be bidirectional communication (to receive the unsigned transaction and send the signed back). How is it carried out? Is like a network interface? Does it simulate a keyboard, like the Yubikey? In this last case, how does Trezor receive the transaction from the computer? What is the worst that a compromised driver can do to the wallet?
I would love to see these questions answered in the main site (since probably I am not the only one wondering this). For the rest, kudos to you two and keep up the good work!
What I couldn't find is the answer to the following two questions (or maybe it is buried somewhere in these 84 pages), not even in their official site:
1) What happens if someone steals the device, dumps its memory and bruteforce the 10000 PINs offline? Is the memory protected, like in a Smart Card? Is the encryption key hardened (like after 100,000 rounds of sha256? Or is it a race between the attacker and the owner to move the funds?
2) How is the interface Trezor-Computer? There must be bidirectional communication (to receive the unsigned transaction and send the signed back). How is it carried out? Is like a network interface? Does it simulate a keyboard, like the Yubikey? In this last case, how does Trezor receive the transaction from the computer? What is the worst that a compromised driver can do to the wallet?
I would love to see these questions answered in the main site (since probably I am not the only one wondering this). For the rest, kudos to you two and keep up the good work!
1/ To "dump this device memory" you need expensive laboratory equipment and time. I'm not sure how much time you have, but it should be enough to transfer the BTC if the device is lost/stolen. One more comment on this topic: You should still take care of the physical security yourself. But if you do, then with this device you can safely send/receive BTC what was not possible pre-Trezor, because you used (potentially) unsecure PCs.
2/ Thezor connects as Human Interface Device (HID) and sends Google protocol buffers over the USB wire. It does not need driver on PC. When it received data over USB, it parses and validates protobufs and invalid data are rejected. Interface does not allow private keys to leave the device so any valid reqest that is answered by the device cannot leak the keys. The worst what "malitious driver" can do is getting your public keys and btc adresses and it can send various requests to the device that will prompt you for pin entry and confirmation. These include: signing transactions or wiping the device.