Guy's arguing that there are still benefits to applying security boundaries within execution envs which are vulnerable to spectre memory reads since it would limit the ability to exfiltrate. (There was a variant which could write to memory as well [1].) There was some discussion on twitter about this which I found interesting [2].