I believe that cursor flash is a character attribute that is sent with the original stream, kind of like bold or underline. It is NOT a continuous data flow. I believe the security exploit was looking for more than just a few characters within a packet to be repeated, I think they were looking for a small but repeated packet with a "fixed" phrase. If you check the most recent versions of Firefox, and possibly other browsers, you will find that SSLv3 has been disabled and only the TLS protocols are now allowed. That is because there was a bug in the SSLv3 protocol such that it was using a bad algorithm and could be compromised. See Episode 478 "Poodle Bites" and more in episode 485. I don't remember the full details of the SSLv3 problem, but I regularly find that the Security Now podcast tends to give the most complete and in depth explanations of what is happening in computer security. They tend to be much more in-depth and geeky propeller head level than the other podcasts I've listened to. If you want the de-hyped in-depth version of the latest security holes, this is a good place to look. I'm listening to the latest podcast now to find out what the Turla backdoor for Linux is.... https://www.grc.com/securitynow.htm I believe Steve Gibson and Security Now was mentioned in this remailer some time ago, and a number of people had negative comments about him. Personally I enjoy his style and have no reason to believe his explanation of the security problems isn't accurate. I remember reading his columns back in the 80's and enjoyed his writing. Doug.