On Wed, Jun 4, 2008 at 8:46 PM, Ed Leafe <[EMAIL PROTECTED]> wrote: > Ah, that's very different than refusing to use it. So you would > install the Silverlight plugin, and then only use it with similarly > trustworthy sites?
Well, first I would have to use it for some compelling content not available elsewhere. Installing anything increases the risk of exploits, bad updates, etc. Then, I'd like to know the level of risk involved. And ensure I have the ability to turn it off (NoScript does this.) > Remember that the browser was supposed to be different than a regular > exe? No, I don't think was ever the case. It's a document viewer. Once they adding scripting, it was Word macros all over again. > IOW, anything running it in could mess up the browser, but not > the OS it was running in. That was the promise of _Java_ not JScript, VBScript or the others. They never made that claim. And Java's sandbox leaked a few times, too. > I wouldn't run a Windows exe, nor would I > use a Windows browser, because it is Windows that is fundamentally > flawed. Yeah, but it's not alone. Worst, perhaps. But there's malicious stuff a Javascript application can do in any browser. They don't have root access, but they are still a threat. Other runtimes, Flash or AIR or Silverlight, how much damage they can do hasn't really been tested yet. -- Ted Roche Ted Roche & Associates, LLC http://www.tedroche.com _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[EMAIL PROTECTED] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
