Hackers Gasping For Adobe AIR

"Adobe has released their new AIR product with much fanfare about letting developers "use proven Web technologies to build rich Internet applications that deploy to the desktop and run across operating systems." The grand vision that's being promoted is that AIR is pioneering the application development model of the future, where cross-platform applications will be developed using a platform-independent tool such as AIR, and then deployed across the Web as downloadable gadgets that can be installed on any computer...

"The designers of AIR obviously wanted to play in the desktop application space, so AIR applications have full access to the machine they are running on. But it seems that the AIR designers were unwilling to give up on also being a platform for casually loaded Internet gadgets, even though they did not see fit to give AIR a sandbox for running untrusted applications...

"The resulting situation will be a bonanza for criminal hackers. AIR will become the first truly cross-platform tool for distributing malicious applications. Macintosh and Windows, home and business computers will all be equal-opportunity targets for Trojan horse attacks, keystroke loggers, etc., truly realizing the dream of `write once, hack everywhere!`"

More at AjaxWorld...