"Brian Gregory" wrote

| I disagree that DEP addresses a minor security issue.
|
| Without DEP many buffer overflow exploits are trivial to exploit

Yes. Which is what I said. So if you allow script in
your browser routinely you could be at slight risk. If
you allow iframes and cross-site scripting you're at
more risk. If you don't block major ad servers the risk
is still higher. Enabling DEP for your browser would
be a good idea and shouldn't have any down side.

But why would you need it enabled for other software?
Anything running on your computer is already allowed
to execute without needing to exploit a vulnerability.
So why not only enable DEP for your browser, and maybe
your email program, if you're worried about it? I'm just
trying to put it in perspective. Risks have contexts.