The power of watch lists was confirmed not more than a few hours after I posted my remarks on using plug-ins on web sites... A very well spoken gentleman from Macromedia support commented on my post.
On the overuse and misuse of technology by site designers he said, "I'd agree that there's definitely a case that can be made against counterproductive use of technology -- if a site does not start up quickly, or forces you to wade through a lot of fol-de-rol before allowing you to proceed, then that's not very productive..."
On the security risks of allowing the Flash player plug-in he wrote, "The security model for Macromedia Flash is actually pretty strong, though -- it provides a sandbox in which scripts can safely play, and this sandbox is identical across operating system and browser environments." He continued later in his email to me, "...with the widespread presence of SWF files on Top 100 sites and the 98% adoption rate among consumers...?"
With regard to watch lists; obviously some companies (Macromedia definitely) understand the power of buzz and the reach of electronic communities. My advise is to follow Macromedia's example and dedicate one or many people to sniff out what people are saying around you (your business space) or about you.
With regard to the context of my statements about plug-ins and "just say no"; The most blatant of poor design, overuse of technology, and exposure to browser risk occurs at the front door of web sites. When designing an home page I think it's good manners to allow the user to determine a trust level before pushing content via technology onto their computer.
I use FireFox, plug-ins turned off, as my primary browser. If I trust a site and want to visit their pages that do use plug-ins I fire up "that other browser".
Macromedia has an excellent record of aggressively closing any holes discovered or exploited in their technologies. It is also true that holes and exploitation have occurred ("Click-Ad", security patch updates, and version releases touting improved security). It is not in any way neglect on Macromedia's part that creates risk. It is the determination of malicious individuals exploring every possible way to sneak inside someone else's computer.
Macromedia Flash is not a toy. It is a useful and functional medium for communicating information and concepts when employed thoughtfully and intelligently.