
You're misunderstanding: you browse with JS disabled by default. Random sites shouldn't be running programs on your computer. If you trust the site, you whitelist it.


You're acting like "running programs on your computer" is a bad thing. It's not.


Well I don't want to run EVERYone's program on my computer, I want to run MY programs on my computer.

Most websites are made of text, I usually want the text, not whatever program they're running.


Running untrusted code on your machine _is_ a bad thing though.


Putting security to one side, disabling JS is an easy way to performance optimise their pages on their behalf.


[flagged]


> and they work

... They break about as often as they work. [0][1]

There are a lot of vulnerabilities that appear in web browser protections, and almost all of them get exploited via JavaScript. Running untrusted software is not safe.

[0] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=chromium

[1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox


This is factually incorrect. It is entirely safe to run JavaScript in your browser. Your definition of "a lot" doesn't fit this conversation, because it doesn't represent constant and regular vulnerabilities.

Browsers are very safe. Not perfectly safe, but very safe. Thinking otherwise is paranoia, just like not running JavaScript by default in your browser is paranoid.


No, they don't always work. We have bulletproof vests but it's still not safe to put one on and have someone start shooting you.


[flagged]


> Do you wear a bulletproof vest every time you go outside? No? Interesting.

You realize the bulletproof vest is the sandbox, right? You've just made an argument against enabling all JavaScript.


No, it's not. The lack of availability of guns is the sandbox, the cultural more of not killing people is the access controls.

"Bulletproof vest" in this analogy is "extraordinary activity designed to keep you safe".

You don't "wear a bulletproof vest" (a stand-in for "take extraordinary measures") to prevent yourself from "getting shot" (a stand-in for "thing that happens very rarely").

In other words, your assessment of the risk of JavaScript running in a browser is higher than it actually is.


I'm not sure you understand how many entities are trying to get into your computer to track you/steal data/mine bitcoin/etc. These are active attacks against your computer every day if you are a regular user clicking viral shit on Facebook, random ads for things, etc.

Look at how many 3rd party JS libraries get loaded from remote sites for metrics, frameworks, tracking, ads, etc for something like a newspaper site. There are probably 15 servers involved, most of which are run by companies with limited security expertise (if any), so frequently they end up compromised to inject garbage into visitors' browsers.

There is absolutely no lack of availability of guns or people attempting to use them on you in this analogy. The bulletproof vests are good, but that doesn't mean there isn't someone attempting to shoot you in the chest every time you go out.

Look at Spectre/Meltdown. Arbitrary code execution is not safe. Not in a browser sandbox, not in a kernel namespace, not in a hypervisor. You're protected from common thugs most of the time, but your bulletproof vest will fail if someone with a powerful gun takes aim.

There is a reason the CIA doesn't use the same AWS servers as the public and it's the same reason you can't view Facebook from inside a secure military network. Sandboxes are just a protection mechanism from well-understood attacks, they don't provide anything near the level of real isolation that Internet companies would love you to believe.


And I'm not sure how secure I am against those entities. There are active and unsuccessful attacks against my computer every day, and none of those attacks rely exclusively on running JavaScript in a browser sandbox.


Even setting aside things like Rowhammer and Spectre, something like half of the browser vulnerabilities need JavaScript to be exploited.



