The harder it is to write an application, the better the application must be. Putting stuff in the kernel means it will be harder to get right, so clearly the app will be better.

A security hole in the kernel is a small price to pay for a 0% speed increase.

System calls are expensive for a variety of reasons (including, but not limited to, the cost of extra data copies and the cost of switching security "rings"). For system-call heavy applications (in particular, networked services), moving things into the kernel provide huge speed benefits. [0] [1]

You are right that it's generally a stupid choice to make, but you're dead wrong in assuming that it's got no benefit at all.

[0] http://read.cs.ucla.edu/click/click

[1] http://www.research.ibm.com/afpa/ "All three components are implemented in the operating system kernel for maximum efficiency"

Dude! I so want this scanner as it will clearly be the best.