Apples and oranges. Android is supposed to isolate apps from each other (yes, theory). So a malicious app should only be able to steal data the user provides it with.
On the other hand, a single malicious extension will compromise the entire browser. Nothing you do on any website is any longer safe.
Not that I don’t think that Google should pay more attention to the apps in the Play Store. But allowing extensions to hide their functionality with remote code is plain negligent.
MV3 makes it considerably harder to introduce a security vulnerability, but it doesn’t really help with outright malicious extensions. In the end this isn’t an issue which can be solved by technical means. It’s a moderation issue, and Google currently seems to be scaling back moderation despite not being great at it to start with.
What is there to be gained you ask? Well, there is currently a creep in a position of power at FSF who is actively making women and other people feel unwelcome, effectively pushing them out of the community. By removing him from this position, making it clear that such behavior is unacceptable and will not be tolerated, a much broader participation could be achieved. And then these "much bigger" issues you seem to care about have a better chance of being solved.
Unless of course your whole point was using whataboutism to defend your hero, because you think that past achievements always outweigh any harm he may be doing.
Apples and oranges. Android is supposed to isolate apps from each other (yes, theory). So a malicious app should only be able to steal data the user provides it with.
On the other hand, a single malicious extension will compromise the entire browser. Nothing you do on any website is any longer safe.
Not that I don’t think that Google should pay more attention to the apps in the Play Store. But allowing extensions to hide their functionality with remote code is plain negligent.