I'm not a fan of virtualization for apps that are maintained and should be able to coexist under one kernel, but I may reconsider since browser and plugin vendors are still not offering a permanent Chinese wall between my activities on separate sites.
Because the sites themselves don't work with a Chinese wall between sites. Yourfavoritesite.com is probably loading images from images.yourfavoritesite.com, or possibly akamai.net, and scripts from jquery.com. Making a browser able to distinguish between that and black-hat cross-site stuff is an extremely difficult task that we still haven't gotten quite right.
I wish we had sandboxed tabs. Ie you create a sandboxed tab instead of a normal tab, it has its own cache, it's own cookie store etc. I could open my bank website in a separate sandboxed tab and not have to worry about sites in other tabs hitting it with CSRF attacks etc.
