Basically the mfg *promised* both speed and security, but couldn't deliver them.
So they delivered the speed (which users can measure easily) and hoped no one could figure out:
a) They'd relaxed the boundaries between running processes and
b) No one could find a way to exploit the relaxed separation.
IOW the illusion of security without actual security.
I wonder how many process crashes over the years could also be traced to miswritten code influencing another process and crashing that instead? No way to know, I guess.