[palant]

Note: I am the author of this article.

Apples and oranges. Android is supposed to isolate apps from each other (yes, theory). So a malicious app should only be able to steal data the user provides it with.

On the other hand, a single malicious extension will compromise the entire browser. Nothing you do on any website is any longer safe.

Not that I don’t think that Google should pay more attention to the apps in the Play Store. But allowing extensions to hide their functionality with remote code is plain negligent.