Uncommon Sense Security: CERT spreads marketing BS and misinformation.
I did this one quickly without fully vetting the article because i was in a hurry…bad move. Securosis and CERT misidentify several things as clientless when they aren’t like OpenVpn. The only “clientless” apps are those that run purely in the browser and do not require activex or java. Most of the “affected” or “unknown” software listed is NOT clientless. Sorry for the mess on my part.