UPDATED: 1/30/06 Response from Author
"Just to inform you that the malicious code mentioned to you was actually partly research for the paper. If you take a look at the latest version (with lynx if you like), I now refer to the clipboard issue in issue 3 (this was introduced in 1.2.0 of my paper). The code that was previously included in the page simply logged a 404 in my error logs for each success; I'm intending to run these logs through a log processor so that I can get a better understanding of vulnerable IE versions still in the wild and whether there is a significant variation in success dependent on the carrier web site.
To clarify, the code itself has been removed. Once the balloon went up, as it were, there was no further benefit in keeping it there, since any future results would quickly be skewed by publicity.
From what I understand, the clipboard issue only affects IE. The point of the paper is that legitimate features can be used in an unorthodox manner and that these features carry far more risk than is currently perceived by many people, including those in the industry. XSS attacks aren't just about stealing cookies. IMO a feature such as this, which was flagged up in 2002, should by now have been dealt with and yet it has been allowed to remain."
Article Link (View with Caution): http://www.nth-dimension.org.uk/news/entry.php?e=156579087