This is an excellent, in-depth and thoughtful article. I'd say the only thing it omits, and I do think is crucial, is not using X where X is unnecessary. You can close a lot of security holes just by doing that. Still a great read.
Spectre seems serious. Even the E family of languages (E, Monte, Joule, Grace), which have similar lineage to ECMAScript but have always been focused on isolation, don't have ready answers for how to mitigate Spectre and related attacks.<p>I think that hardware-effect attacks are going to be the primary thorn in our side for the next few decades, even if we all agree to switch to object-capability systems immediately.