I'm not sure why Chrome storing passwords in plaintext is making the round of the news right now. It was reported as a bug in 2008 and marked “WONTFIX” in 2010.
I understand the Chrome devs' point about leaving security up to the OS, but on Linux they just punt and don't encrypt at all (compare Windows where they encrypt in a way that's probably safe (only) for logged out users). If they can't be bothered to do the minimum here, where else are they cutting corners?
Reminds me of the infamous FileZilla bug (same thing "the OS should do it, I don't want to worry about that crap")
he is right in sense encryption or master password means false security you plugged one end but others are open
so users believe they are safe when actually they aren't
he is wrong, when he says we don't want to plug it because there are other ways to get access, he's right when saying master passwd is not the way to do it, devise newer, safer ways to encrypt, twitter's 2-factor security is a good example. while encryption means machine, master password means high order of error, and locking self out