On Apr 5, 2007, at 5:30 PM, MadAlexGumstix wrote:

Claimed vulnerability for embedded systems based on ARM / XScale - Stay tuned!

<http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9015618&taxonomyId=17>

Reading between the lines it sounds like basically the "vulnerability" is that many devices have JTAG connectors on them, so you can use a hardware debugger to analyze/inject code into most of these devices.  I think it's really only an issue at all (if it even is then) for people with "closed" devices; with something like gumstix, we don't really try to stop people from being able to load their own code onto the thing ;)

C