It seems that the handheld, and, in particular, the mobile phone industry, is going through the same painful process the software industry went through at the outset of the Internet. Suddenly, what was a very closed industry has opened it's doors to the masses, who are free to poke around in their technology, and do not need to abide by the rules. In the early days of the Internet, the standard response to a security problem was to deny everything and hope it went away. Now they tend to work with the (hopefully ethical) hacker that first found and reported the problem, and release fixes as soon as possible. Let's hope the embedded device guys learn from this quickly, and get the infrastructure in place to do the same, and, indeed, the response of the SIG is certainly a step in the right direction.