Hi Tom. Chuck again. I wasn't planning on participating anymore in this discussion because I felt I had said all I had to say, but it is now going too far.

What started out as a very healthy and potentially productive discussion about security has turned into a pissing contest between yourself and JD. This helps no one and hurts the masses who are following the subject and getting misinformation from *both* sides out of an effort to win an argument.

Statements such as "Flash 6 can turn your computer, via its camera and microphone, into a large bug in your home or office." is just as irresponsible as you are claiming Macromedia is by downplaying the video capabilities of Flash. Your comment is a total and complete distortion of the truth. And while you link to problems that flash has had in the past, you have not linked to any information showing that the video feature of flash has been exploited. It hasn't been yet. And while it might be someday, in the interest of honestly and clarity, until it is, statements such as the above are just irresponsible and shouldn't be made.

For more clarity, you said "Flash 6 fail to mention two-way videoconferencing?". Because Flash 6 cant do two-way videoconferencing. If I spend $500 on Flash6 and you spend $500 on Flash6 and we both have cameras, guess what, we cant connect with each other. And if Macromedia had claimed you could in the features presentation, a whole bunch of people would have been upset when they bought flash and discovered they couldn't. The video/audio conferencing is a functionality of Macromedias very expensive Communications Server and without that, that camera is useless with flash unless you want to look at yourself. Again, you fail to mention this critical detail and anyone reading your articles will assume that you can do this with Flash 6 all by itself. By the way, you *will* find this feature in the fancy presentation about the Communications Server because that is what you have to buy to get it. MM would have gotten nailed if they had claimed videoconferencing as a feature of Flash6.

One last comment/question for you Tom. Why are you focusing so much on potential, yet un-exploited feature of Flash when there are MUCH more dangerous and known security issues in every version of Windows, Outlook, Office, Apache, MSN Messenger and on and on? Including apps that also have access to your camera? Now, back to your kid example. What is of much greater threat and deserves more attention currently is the many situations like the free RealOne player (many others do this too). Your kid will likely install that to see some cool video or something and even worse than running a flash file, unintentionally install a bunch of full-blown applications that include all kinds of invasive adware/spyware and if they wanted to, since they are applications, they can access your camera and microphone and never even ask your permission. This is a real threat to both security and privacy and much more likely to get exploited than potential of your kid using a gaming site and clicking allow on the cam settings, then the gaming site starting to watch you. Dont forget, even if he does grant the game site access, that one site is the only one who can, and only when you are logged into the site. No one else at any other time. Another important detail your readers need to know, yet you conveniently leave out.

I apologize for picking on you a bit, I just think this is an important issue that needs to be discussed openly, but with fair balance and facts to support bold statements from both sides. But thanks for providing a forum to discuss this that will reach users who have likely not followed past discussions about this elsewhere.

And to JD, this would have likely gotten wrapped up nice and quick if your initial comments to Toms post had not essentially discounted him and his position, which will put anyone on the defensive. Something simple such as "While this has been discussed several times in the past (links to slashdot) and we feel our security model is good, we continue to be open and would love to hear addition feedback from users as to how we can improve the information. Any suggestions Tom?".

Okay, that is way too much opinion from me.

-chuck