Anything that you couldn't really do firing off an ajax request after the page loads?

No same-origin-policy, since you can't access the data in the response, but you could do that already with hidden iframes.

You could stick hundreds of huge images forced to 1x1 px size.

Maybe the "annoy a minority of people with tight bandwidth-caps"-attack isn't all that big of a threat.

Care to share?

Not the op but, on your site, force them to 'preload' tons of 'content' that they'll never really need. With low limit tiered bandwidth, it could be extra evil.