Even this PoC was limited to 2000 bytes a second; even a little noise may well render the attack largely theoretical - or at least make the attack so slow as to make it feasible to use other (expensive) mitigations only very rarely.
But yeah, it's not a brilliant solution. But it would help.
Even one byte per minute would be enough to cause serious issues. Imagine if some add served up by a torrent site could read information from another tab rendered by the same process?
Not good, but still thousands of times better. And don't forget that you still need to guess where to read from, which better be a very very accurate guess at that rate. Making such an accurate guess is difficult when your runtime is as complex as a browsers, and so even without that extra timing noise no PoC exists (AFAIK?) attacking browsers.
But you know... you're not wrong ;-). I'm just not particularly worried about the likelihood of this attack hitting anything I care about anytime very soon.
Google does have a PoC for spectre that attacks Chrome via Javascript. That said, I am not super worried either. Its not like all my personal data isn't already out there for all to see (Thanks Equifax).
But yeah, it's not a brilliant solution. But it would help.