I have read that some scripts can be run through active content such as javascript or flash and get hardware information including install dates and serial numbers.

Is this possible, and if so how can I defend it?