This is just an idea, and not a very serious one at that. I think MI6 could back the page with some logic. Why just have a webpage when you could be listening for mouse movements etc?

I need a dramatic example …

Imagine you are a spy implanted in Paris. You are being tailed. You need to get a secret code of utmost importance back to headquarters but any cell phone or other obvious means would be noticed. So you decide to stop into a coffee shop with a public web kiosk. You browse to mi6.co.uk (which might be obvious to your enemy) and you move your mouse around on the webpage creating a bunch of mouse overs over their image map. Ajax plugs into a sampling system on the backend and samples as many mouse overs as possible and suddenly you have a lightweight (and probably slow/inaccurate) drawing system.

Without clicking, you hand write “020411″, the secret code that will defuse the nuclear bomb ticking in London. You order your coffee and leave. Anyone watching might just see you looking at a web page.

Yes it’s ridiculous. But a front or fake web page isn’t completely ridiculous. Take www.ourcolony.net, a fake webite for xbox 360 marketing. They claim on their page, “not an alternate reality game” (ARG). If you haven’t heard of ARGs, it’s a game where you search media channels as if you are playing a game. For example, you might get an email to a fake site that takes you to a chat room which takes you to something else (maybe a lyric off a commercial CD). How hard would it be to take the alternate reality game content and turn it into real national security / sensitive data?