Just because we'll never be able to plug all the holes perfectly, that's not a reason to stop trying to plug some of them.
We hope to expand what is possible in non-sandboxed mode though. File system access and starting processes should be possible eventually.
10x? I wish. 
It's more around 1000x currently.
CTFE probably has less overhead because it does not do all the UB checks. but I still expect it to be more than 100x slower than native code.
(Referring to uploading the wrong code.) Strongly disagreed. Code is much easier to verify than binaries, so it makes a huge difference whether the attacker has to upload code or can upload binaries.
I already find the lack of syncing/comparing between GH and crates.io code (for those crates hosted on GH) rather disturbing...