Are we having fun yet?

Browser security is a hot topic, and there are great resources out there

• Georgi Guninski's resources: http://www.guninski.com/browsers.html

• Malware.com: http://www.malware.com

• Liu Die Yu's collection of materials: http://umbrella.name/index.html

So far, most serious browser attacks seem to be "disorganized" threats

• They don't target specific users

• They're not tailored to specific victim communities (other than "everyone who's vulnerable")

Does this mean that we don't need to worry about the problem, because it's so hard to exploit?