In-Reply-To: <[EMAIL PROTECTED]> Actually, the subject message WAS accurate insome respects, however, it is NOT true at this point. In February, there was a pre-beta version being used on the XMB support forum, and that version DID indeed have the javascript security flaw. When several people, including, I suspect, the poster of the original message repeatedly used that exploit to showthe vulnerabilty, the current developers of version1.6 made theneeded cahnges, and the hole no longer exists. Version1.6 is now in a final beta, and that security hole, along with another that we beta testers found, has been closed. Joe McManus, XMB 1.6 Beta Tester.