A school teacher was arrested for allowing children to look at porn. But, as you might expect, she had nothing to do with it. An innocent looking website (could have been any one anywhere) had a link to a site that some children followed that had pornography. Later on, the teacher noticed that she was getting porn popups - guess who has spyware? The best part is the litigators didn’t even bother to check for it. Let’s screw the consumer for their poor security.
Who loses? Children lose - they no longer have their teacher and they were exposed to pornography. The teacher loses - because she lost her job and may have to register as a sex offender if things don’t pan out well for her. We lose - yes, we lose when we cannot protect school teachers from innocent surfing of hair websites. If consumers don’t feel safe to use the internet because they are worried that they will lose their freedom and their livelihood, I think we have a serious problem here. Anyway, scary read and of course, the normal XSS implications apply, ad nauseam. Yes, this goes in to the scary implications of CSRF category.