Untrusted?

>>

The majority of these exploits apply to client Java deployments, and can only be exploited through untrusted Java Web Start applications, and untrusted applets.

>>

Hmm. So that means *trusted* code can't use the vulns? That sounds counter-intuitive to say the least. What's more, Web Start apps and applets ordinarily can only become trusted by the user allowing them to run.

Rootable?

Are they rootable? Is IT rootable? If so, (i suppose depending on connectivity) i'm sure that would massively increase the interest value for us geeks

>>It uses a mixture of hardware and software lockdowns to keep out malware

For "to keep out malware", can we read "to keep the buyer from owning it"?

How it works

"The jQuery open source JavaScript development library is now running on 50 per cent of all websites"

No it isn't. It isn't running on ANY website. JavaScript runs in the browser, but can access stuff server side sometimes. Pedantry? Maybe, but perhaps it's better to foster a proper picture of how JavaScript works ;)

>>Shylock uses a battery of tricks to escape detection by anti-virus scanners

But would possibly be detected by a little pattern matching against a Gutenberg edition of the works of one W. Shakespeare?

No mention of Linux

Surely it's not too much trouble to throw in a Live disk and tell us how this hardware fares with the Linux distro in question?

No root login welcome

>>Windows machines for the vast majority of users should only be run in unprivileged mode, the authors also recommend<<

Best practice in Unix is to disallow root login. Is this even possible in Windows?

Of course, for most of its lifespan, root login has been the ahem... default in Windows and still is, though UAC has been shoehorned in at the last moment