Apparently there is a major security hole that allows any website to view the contents of any file on your harddisk if you have greasemonkey installed (see greasemoney mailing list post for information. I can’t reproduce the problem with their proof of concept code, but its a pretty scary possibility. Annoyingly, turning off greasemonkey will reduce the functionality on my flickr/geocaching pages 🙁 Thanks to Pip for the tipoff
