> > Firstly, "the sky isn't falling, the risks posed by the gadget API > already > existed elsewhere in Windows generally, but this is another new attack > surface without any legacy dependencies". This is my general view on > the > gadget API. > Yahoo widgets. > Finally, why on earth does the trust model for gadgets consist of full > trust > and nothing more. Why not allow gadgets to state in their manifest > that for > example they don't need to execute things, won't make use of ActiveX > controls > and will only connect to a specific host? > Or have the OS force a restrained environment for them to run within. The usability and convenience offered by them isn't worth the opportunities they proffer.
