[kevinsundar]

All right upon closer reading you are correct. I seem to have missed the point of the article. There are some good points that the author brings up.

However I still think the title could be better. There are lots of things that applications "can" do. I put more trust into random applications that run on my system.

[palant]

Yes, you put considerable trust into applications running on your system. But I hope that you don’t just install random applications. You probably choose only vendors where you can reasonably assume that they don’t want to accept the backlash of having shipped a malicious application.

Now shipping a malicious application is always a risk. This application release is evidence of misbehavior, should someone choose to analyze it. This risk is almost non-existent with dynamic web applications. It would have to be the one targeted user who analyzes megabytes of code.

To sum up: there is a good reason why websites are sandboxed and don’t get any access to your system.

Note: I am the author of this article.