Else the BigBro-Applet gets your local host id and tries to make an empty finger request via a Perl-Script. The result is e-mailed to me by another Perl-Script. If you are the only user one your machine your identity is revealed.
The use of a proxy-server does not make you anonymous any longer as the applet runs on your machine. It knows what the name and ip-adress of your host is.
The exclusion of socket-i/o does not help a bit in making java more secure. It just makes the net slower as everything that would have been done with sockets has to be done via URL interfaces to other scripts that can use sockets.
You may read the World Wide Web Security FAQ.
St. Mü. (stefan@compling.hu-berlin.de)