While we are waiting for WOFF support broadly, there are some protective measures available for webfonts to prevent them from being installed locally.
There is a technique of obfuscating the
name table, rendering it unusable as a system font, but fully functional as a webfont. Ethan Dunham of Font Squirrel and Fontspring has led much of the research below, based on some prior work from Peter Bilak of Typotheque and Philip Taylor with his Font Optimizer 
Specifically, these are the modifications for a TrueType font:
- Delete all name entries except for platformID 3, platEncID 1, LangID 0x0409
- Set entry 1 (Font Family) to '' (empty string)
- Set entry 2 (Font Subfamily) to a unicode smiley:☺ 
- Set entry 3 (Unique ID) to '' (empty string)
- Set entry 4 (Full name) to smiley:☺
- Entry 5 (Version) may optionally be changed. Ethan recommends inserting some verbage about the font being protected. It shows up in the get info window on Mac
- Set entry 6 (Postscript name) to smiley:☺
- Entries 7-14 can remain as is
- Delete entries 15+
Create two Mac entries: platformID 1, platEncID 0, LangID 0x0
- Set entry 1 to blank (basically have an entry but no value)
- Set entry 4 to the Font Name (optional but will show up in Get Info)
When the Font Family name is an empty string, it is uninstallable in Windows. Meanwhile, the OpenType spec indicates that two-byte unicode characters (like the smiley) won't work in a font name on Mac at all.  As a result, it's rejected by OS X and not possible to install. Linux isn't able to cope with these modifications either. 
These changes are done not only to the TrueType "naked" font, but can also be applied to the underlying TTF embedded in the EOT and WOFF files as well. It's also worth noting that Chrome's font sanitizing library OTS completely avoids the
name table. 
I believe all non-free fonts should employ these changes as they are distributed for web use, essentially providing them with a similar "garden fence"-level of protection  as WOFF. Fontspring is already employing this technique, and you can test it out with the WebOnly option at the Font Squirrel generator .
If you guys think this is worthwhile, I'd love to help draft this up into something more official so it's a documented standard that all foundries can use when preparing their work for sale as a webfont.
Edit: Clarified the Windows installability reason. Worth noting: when the full name doesn't match Font Family + subfamily, it is uninstallable in Windows, however they match with this above technique, which is why the EOTs with this modification still work. (thx Ethan)