Exactly...if people didn't click on random executables and open every attachment that comes along regardless of the source, these problems wouldn't exist. Sure, there's malicious code out there designed to be embedded into web pages and the like, but the vast majority still rely on someone getting and then foolishly running some sort of executable. While these holes do need to be addressed and fixed, it's still the old story of "an ounce of prevention vs. a pound of cure" and all that. All the same, interesting article, and kudos for posting the link.

Originally posted by ronin13
From what I have read,both Firehole and Too Leaky are based on the premise of first getting malware on the intended computer and then running said malware......although possibly a new angle,these seem to be not much different than any number of trojan programs out there.I'm not trivialising the problem,just saying that they are a new twist to an old problem.