Both types of entities might be used to create denial of service attacks or other malicious documents when used with a Web browser's rendering engine.
Times are changing. The increasing relevance of mobile browsing devices and new rendering engines has led to a desire among designers to curb the need to test on every device imaginable.
Another issue is the versions of rendering engines.