The web browser built into Amazon's Kindle Touch eBook reader contains a serious security hole: when a user navigates to a specially crafted web page, the Kindle will execute arbitrary shell commands as root. This allows attackers to access the eBook reader's underlying Linux system at the highest privilege level and potentially steal the access credentials for the Amazon account linked to the Kindle, or purchase books with the Kindle user's account.