There are a few threads on a few different blind programming mailing lists out there on the vast interwebs that preach the cautiousness of Window-Eyes scripting due to potential security threats COM automation exposes. As soon as Window-Eyes 7.0 Beta 1 hit the streets (even earlier, in some cases), dissenters began fanning the rumor flames about Window-Eyes scripting's immaturity being an open invitation to all the hacking nasties to scamper out of their rotten woodwork to wreak havoc on the blind community. Window-Eyes security isn't tried and tested, they bemoan. The kind of freedom COM automation provides welcomes destruction, they assert. It's only a matter of time before someone gets hurt, they hyperbolize. It's amusing to listen to self congratulatory erudites spew forth from their gaping cracks about things they have little knowledge of.

The developer who constructed our security model (which we all discussed in depth for many days) makes the would-be hackers look like diaper-laden script kiddies still breast feeding from the swollen teat of splendiferous delusion. In other words, and with my thesaurus aside, the combined knowledge of security related details on the Window-Eyes development team is bested only by the people who make security their reason to get up in the morning.

To say that any security procedure is completely foolproof is an utterance of fantastic ignorance. We are, after all, talking about machines here. Even the most unbreakable cryptographic schemes are schemes that haven't been broken yet. I know first hand what goes into the Window-Eyes script security and trusting mechanisms, and to anyone who thinks they have what it takes to break them, I say bring it on. At the very least, you'll help make Window-Eyes even more secure.