This says something about the users using them, but also about the standards.What amazes me is that there isn't any HTML element defined which locks the HTML page from being altered.
As a lot of pages don't need to be dynamically updated by Ajax or any form of scripting, it should be possible for such a page to be locked. When a page is locked, the browser must prevent any updates to the (rendered) source. So, no new elements may be created, altered or deleted. And the same goes for the element attributes.
What would be even better, is that sections of pages can be individually locked. For example, using a <locked></locked> element. Everything that is inside of the locked element cannot have any DOM alterations. That way, even a page which does use Ajax or any form of dynamic scripting can secure itself by locking portions of the page. Controlling which parts of the document can be altered and which parts cannot.
The DOM must be restricted in a way that a Locked element can never be deleted.
As far as my understanding goes, it would be fairly simple to implement such an element into the HTML and XML DOM. And it would make all the compliant browsers a lot safer.
You might even consider online banking again...
The opinions expressed herein are my own personal opinions and do not represent
my employer's view in any way.