Ok, how about the fact that credit card numbers are stored in the memory dump of the unit? When encrypted, credit cards storage uses a symmetric key? Servers are regularly stolen, but the drives are not encrypted? The software must be installed as the admin user?
From a security perspective, these units really are a POS and a betrayal of trust by the vendors. Most retailers do not have staff on-property to do IT security, so they out-source it. They have been charged an arm and a leg, but do not get a secure, reliable system.