So instead of having these machines in our server room inside our office, we'd have to pay for using them in a data center and register URLs, only because some ISPs use an insane way to handle NXDOMAIN? There are many valid reasons to "go into the cloud", but this is not one of them.
You can assign real IP addresses to machines in your server room, give them DNS, and firewall them externally. Just ask your ISP for some addresses. There is no reason why this is any different from using NAT in security, but you can use real DNS. You can use IPv6 if you can't get IPv4 addresses.
Non-publicly-routable addresses are a hack that will cause you nothing but trouble, and are going away with IPv6, so you might as well move away from them now.
(Not that having Chrome use 8.8.8.8 is a good idea either. As is often the case with hacks, either on its own works fine but the two interact poorly.)
Not sure I agree that non-publicly-routable addresses are a hack. The ability to run your own DNS server and having a firewall are pretty elegant components of most networks.
That being said, it very well may be time to find a better alternative :).
Firewalls have their place but should not be conflated with routing; the two are separate, and treating them as the same can lead to confusion and broken security.
As for DNS, it has a very elegant hierarchical delegation system, such that organizations can control their own while also ensuring that all the world's DNS servers give consistent answers (and if you need short names for your internal systems on your own network, that's what search paths are for).