Because plugins run under their own process. Not subject to the sandboxing you'd find in Chrome/Safari for instance. Plugins are given pretty high trust.
I always browse with all plugins and Java disabled. If a site uses Flash, I typically will just move on unless it's something absolutely essential to what I'm doing. Surprising how many sites that use Flash don't have any usable fallback for clients that don't support it or have it disabled.
I don't think I've come across a Java applet in the last 5 years. I see NO need to allow Java in the browser unless it's for a trusted, internal-use application.
Good move. I suppose the most vulnerable are those driving desks being forced to use IE7, a Standard Operating Environment that runs these plugins, or some internal business application that requires them.