I came across this article about some security loopholes in AJAX. It's a pretty interesting read, they talk about things like not having a validation source, along with more advanced techniques such as manipulating code to potentially harm a users browser, or computer. It seems to me that we still have a few ways to go before we see this new technology start to massively take over the web. It will be interesting to see how this develops.........