by throwaway_pdp09 2121 days ago
AIUI Spectre is pretty much unrelated to this. The article is mainly about securing JS. Spectre allows sidestepping anything. The only point where Spectre and capabilities touch, that I can see, is

"The second thing to note here is that if you have a true capability system and can carefully control network access, then the capability to exfiltrate (basically to use fetch), can itself be treated as a critical permission. Secrets might be discovered but not as easily shared"

which is a very interesting point.

1 comments

Read again, but from the other side of the looking-glass; imagine that you have a bunch of code in E or some other object-capability-safe language, and you want to audit it for Spectre vulnerabilities. As the article makes clear, other concerns are taken care of structurally by E's design; how might E be changed to also help mitigate Spectre?

Capabilities can mitigate exfiltration of Spectre'd data exactly as described in the bit I quoted. That's mitigation of, not proof against, but it's something. I'm afraid I don't see your point.