Chrome 23 just makes it full screen with a small notice.
The least savvy are UI-blind, a big portion won't realize a transition just occurred, and a great majority of them will not read the warning beyond the first line.
Of course, now with pages requesting to go fullscreen there isn't a browser UI anymore that could show things that cannot normally appear in the page content. Hitting F11 previously at least was something no web page could ever do by itself. On the other hand, having to wade through warnings like Firefox' SSL warnings probably scares away users from fullscreen games and developers from using the feature.
I wouldn't really have an answer to anything of that. I don't even know whether I embedded a question, I think it was just rambling :-)
This API means that if a malicious JS can be executed, it's game over for a number of defenses that only communicate visually.