Re: Just kill ALL code in a browser.
"No, I think the lesson is "don't try to get clever for the sake of performance"."
The rest of your comment makes very clear that what you meant to say might have been slightly better as "... for the sake of performance on a multiuser multitasking system which aims to have any pretence of security."
Seems like it might be time for a return to single user single tasking non networked systems. Either that, or take properly architected processors and properly architected OSes seriously, and admit that the apparent performance of x86 frequently comes with a functional penalty in real-world work.
Plenty of people understood this already, but it wasn't a popular message.