Re: Beautifully damaged!
The sad thing, is some of us are stuck with it.
I recently uninstalled Java because I wasn't using it and I was sick of it nagging me about updates.
Then I had a support call, that required me to connect via a VPN to the network of a mining company. Their VPN solution requires one to have Java installed (and enabled in the browser), apply a registry patch to your host, then visit a particular web site they host.
When you connect, the web site downloads to your machine, a device driver, for the VPN, configures the new virtual network device, sets up IP addresses and routing tables, then firewalls off all non-VPN related traffic. All from within the web browser.
At first I couldn't get it to work. Not in Firefox (my primary browser) or IE. IE flat out refused. Firefox claimed that Kaspersky (my AV software) was "scanning running processes".
Then I read in our support docs about the Java requirement and the registry hack, so installed Java, applied the hack, rebooted. IE refused to work. IE 64-bit refused to work. Tried Firefox again, and voilà, it worked. I was then able to SSH to the affected machine and apply the fixes the client asked for.
The whole experience though left a rather sour taste in my mouth security wise.
This is one of two VPN solutions I know of, that work from within a browser. The other one also working on Linux (it prompts for your password to invoke sudo).
The fact that it's possible to make a web browser install device drivers on a host and monkey around with routing tables gives me the willies.