But by doing that you're feeling ok with running untrusted code which could easily exploit the JIT. Whereas with native code you have to trust it so you'll only run good trusted code.
There is some truth in the fact that until we have support for signed code on the web - and a way to check that whoever signed can be trusted, we only have "level 1" security.
In FxOS we used code signing to grant access to more powerful apis. I think that something like what the Dat project is doing could be interesting in this regard, or web packages as described in https://github.com/WICG/webpackage/blob/master/explainer.md
