network sniffing

This is only worth paying attention to if someone can say how they not only escaped the browser sandbox but then called native, privileged code. Javascript running in the browser cannot just do that.