I am a regular user and I don't have any programming background. It appears that there are some malwares that utilize the kiosk mode. Since the overwhelming majority of users have no need for nor would every want to use kiosk mode there should be a method of absolutely preventing its use without the express permission of the user. Maybe requiring a 4 digit passcode before it can be activated OR giving the browser user the option of deleting the kiosk mode altogether could be ways of mitigating this malware avenue. I hope the programmers provide us with one more opportunity to prevent malware from invading our privacy and security.