Re: Marshmallow: MicroSD card users - will you use adoptable storage?
The problem with SD Cards (historically) is that they are formatted using the FAT32 file system, which has been around for two decades, because that made them universally readable by just about anything out there. The problem is that FAT32 does not support *any* file permissions, so it's the wild west and any app could do anything it wanted with any file. The problem comes in when one app modifies another app's file(s) in an attempt to "trick" the other app into doing something "bad". Or when badly written apps store sensitive data (say, your bank acct info) on the SD Card where any other app could read it.
With Android 4.4, Google changed the way SDCards were handled so that apps could only write to pre-determined folder paths on the SDCard, and only using a special API which forced the app to define the type of data that was being read/written. That way you don't have an app "accidentally" executing code because it was trying to read an MP3. The stops the first problem listed above, which closed a fairly major security whole within Android.
With Android 6.0 (Marshmallow) Google has finally "fixed" the issue for real. You can continue to use your SDCard as a standard SDCard, but only certain file types can be saved (so apps can't misbehave) or you can choose to integrate it with the device's internal storage. If you choose to integrate it with the device's internal storage, it will be formatted using a Linux-based file-system (like ext4) that supports the same file-level permissions as the device's internal storage (which is already formatted with that file-system). Anything that gets stored on the card will be accessible using the MTP interface when plugging in your phone, but will not necessarily be accessible if you took the SDCard out of the phone and stuck it in an SDCard reader. This is a combination of Windows PC's not being able to read ext4 (or whatever file-system they use) and the file-level permissions which define "who" is allowed to access what file(s).
This is probably the best way that Google could have possibly implemented SDCard support. It still allows the flexibility of extending your device's internal storage, without opening up security holes by having a completely unregulated file-system in the device. Even Microsoft abandoned FAT32 more than a decade ago, for the same reason: it is impossible to have good security on any system that stores data without any kind of permission model.
And to anyone concerned about increased hardware/development costs associated with including an SDCard slot, the fact that Google has made this change means that Samsung/HTC/Moto/etc no longer have to try and build their own systems to deal with this security vulnerability, so that should be a non-issue. The hardware itself wouldn't cost an OEM more than $1 per device, and doing trace mapping on the board to support the slot is something that only has to be done once when initially designing the device.