I'd like to have some feedback from you. Do you agree with those points?
1) on most computers Javascript is enabled by default
2) This gives anyone a platform to play with parts of their owners equipment.
3) From a security point you are lost as soon as you give an adversary the opportunity to control your system.
4) Only non-active web content can guarantee that you keep control over your equipment.
And the last question: if all above is true, do we want to tell this to the public? Does it help? Or would we be seen as being completely paranoid.
Thanks, Matthias