I think these are positive changes and, from what I’ve seen so far both TCP and UDP sockets drop their security limitations for an elevated application.
That is – a non-trusted application (whether in the browser or out of browser) has restrictions imposed on it;
1. TCP sockets can only be opened to ports 4502 to 4534.
2. TCP sockets can only be opened once a security policy allowing the opening has been downloaded via either;
1. TCP over port 943 on the target server
2. HTTP from port 80 on the target server ( this is new in the RC )
3. UDP multicast sockets can only be opened to ports above 1024.
4. UDP multicast groups can only be joined once a security policy allowing the joining has been downloaded via either;
1. UDP unicast to port 9430 on the target server ( for a single source multicast group )
2. UDP multicast to port 9430 on the multicast group ( for an any source multicast group )
and all those restrictions go away if you’re running trusted.
Read more: Mike Taulty's Blog