This is an unsigned applet which loads five images directly from the Flickr website. No proxies or security requests are involved. This is allowed because the Flickr website has a crossdomain.xml file which allows secure access to images and webservices hosted there.
This is the same security mechanism Flash and Silverlight use, allowing Java applets safe access to the same webservices as Flash and Silverlight applications. Support for crossdomain.xml files is new in JavaSE 6 update 10. Older JREs require signed applets to do the same thing.