In these tests we were able to recover screenshot-like views of entire websites after viewing them in the newest version of chromium, then running the poc on the local system.
Chrome isn't trying to not let other (non-chrome) processes read info. It's trying not to let other chrome processes (other webpages, native client, etc) not read info. In other words, stuff running inside Chrome can't read stuff it's not supposed to be able to since nearly all that code is untrusted.
Chrome saves its VRAM when using WebGL, but it does not protect the hardware accelerated website rendering. thats why one could read out VRAM with chrome content as well.