Real computer forensics involves getting the computer powered down, removing the disk, setting it up in a test jig with write protect enabled, and reading the complete image from the disk onto a sterile environment for analysis.
That was true... in 1998 (the fact that it's still such a pervasive misconception is a separate problem). We now know there's a wide variety of critical information that isn't available when a computer's powered off - if a (trojan) malware object was present on the drive at capture, with a purely offline view can you prove whether it was loaded into the OS when the evidence was seized? How about open file handles/network connections? Encryption keys?
If he has interfered with the computer in any way by plugging in a USB key, then the evidence is contaminated.
The article probably oversimplifies; simple USB keys that just come pre-loaded with software to search drives aren't that interesting anymore. The idea is probably close to Tribble or something similar. Not that there aren't problems with those kinds of devices... Rutkowska, 2007 (pdf)