The article's suggestion does not say the mouse would be moved or locked by the web program. The program would be able to hide the cursor (which it can already do) and receive 'virtual' mouse coordinates.
My main concern is number overflow for long-running applications, but I seriously doubt this will be a problem for anyone.
I don't see any security problems with the proposed solution (though I don't claim to be a security expert!).
I may be hugely misreading the article, but when it says "The mouse will be anchored to that position and the mousemove events are going to set a virtual position" and "Everytime the user moves the mouse ... the cursor is moved to the center of the screen" I find it difficult to interpret that in any way that doesn't effectively mean that a website is able to move or lock the cursor. I admit that I use cursor and mouse interchangeably, when they're actually not the exact same thing, however.
Okay, I missed "The mouse will be anchored to that position" part. I really disagree with this part of the proposal. Thanks for pointing it out.
However, the comment about the cursor moving to the centre of the screen is an implementation detail. At least on Windows, you need to centre the mouse cursor for something like this because the OS won't (easily) give you actual virtual coordinates.
Javascript can hold full precision integers up to 2^53. Let's say you can mouve by 1024 pixels per seconds. It would take 2^53 / (3600 * 24 * 365.25) ~= 280 000 years to get beyond the limit.
I think we are pretty safe on that part, even for veery long running app.
My main concern is number overflow for long-running applications, but I seriously doubt this will be a problem for anyone.
I don't see any security problems with the proposed solution (though I don't claim to be a security expert!).