I can see this being a more effective way for people like Anonymous to enact a DDoS attack than the slightly clumsy way they currently do it. It is interesting to consider how quickly a URL can spread around twitter and facebook, which would be all that’s needed to create a DDoS capable ‘botnet’. It’s also much easier because of this to get people involved who might not really be sure what’s going on. They probably won’t stay on the page for more than 30 seconds but as long as they are coming and going at a constantish rate then they could still be contributing a lot.
Possible mitigation includes using Apache’s rewrite rules to send back a 403 based on referrers, but that could still get overwhelmed. I guess some firewalls can filter by HTTP referrer too.