Assuming that the major players who design Silverlight, Flash, and Javascript (Ajax, anyone?) sandboxes read the Universal Thread <g>, my hope (which I doubt will be fulfilled) would be that an open standard would be created for sandboxes. True, it makes it easier for the hackers to know what to attack; but since that's going to happen anyway, having it transparent and open to testing is what is needed to make these things work.

Having effective sandboxes is the key to the next generation of software (think Google Gears), where data is stored for offline use.

Hank

>It was just a couple of days ago that I wrote about platforms like silverlight shortening the time for cross-platform malware to appear. It has surfaced in the Flsah player already...
>
>
>>Agreed: the safety of the VM will be the business-deployment issue. The Flash VM sandbox has some security difficulties, and in general VM safety is a thorney issue.
>>
>>>I agree. If silverlight becomes essentially a windows interface wrapped in a browser based VM (which it seems to me that it is), it could very well give web applications much the polish and functionality windows applications have a monopoly on at this time, while making web application development orders of magnitude faster and easier.
>>>
>>>*IF* it works and is carried forward.