
I take it that you are unaware of the concept of defense in depth, because your argument is essentially: well, if they can come in the front door, then they can open the garage & steal my car too easy, so putting a lock on the doors would make people think their car was secure. To enable a person to lock the car door would be silly because once a person has access to your house, they own everything in it. While no security measure is perfect, and with enough motivation & resources anything can be cracked, making things a bit more difficult with master password locking, etc. will stop casual security breaches: i.e. a boyfriend/girlfriend finds out their SO uses Chrome, so he/she steals their SO’s passwords from Chrome in seconds to later use against them after a break up, or to monitor them, etc. This happened (to a friend of mine BTW) and had Chrome had a master password, the SO would never have been able to do it because most people do not have the resources available to do it, and those people are the most irresponsible with having access. This thought that by making something less secure, you are in fact helping the user from having a false belief—that they are secure—is an ignorant decision at best because nothing is secure, but things can be more secure. & from what I have learned, balancing convenience & security usually falls somewhere between. A 5 second to breach security policy (Chrome) is nowhere near (the standard) 5 seconds to unlock by typing in a master pass with a default 10 minute idle lock.

Basically, you are fighting ignorance with even greater ignorant decisions.




I'm a professional programmer with more than 20 years of experience and I think noivad makes an excellent point here. If you apply Justin Schuh's argument to door locks, the conclusion would be that door locks are insecure so don't even bother having them in the first place. How are they insecure? Take an axe and break the door down. That should probably bypass almost any kind of residential door. Alternatively, break a window.

The reason to have a master password to protect Chrome passwords, for most people and in 99.9% of cases, is not that we fear we'll get hacked by some random jerk. It's to prevent a casual acquaintance from discovering our passwords easily.

At this point, I think what may have happened is that, at some point, the Google Chrome Security made a decision based on logic that had numerous merits, but doesn't work too well in practice. Now that they've committed themselves over and over by defending this practice, they're so vested in this decision, that they'll defend it, even to their professional demise.

Again, I think their original decision not to have a master password was a smart decision, but not a wise one. As an analogy to door locks again, the smart decision is not to have door locks because they're very insecure (think breaking down a door or window with an axe).

It sounds like this Google Chrome security policy will most likely not change until some significant leadership changes are made over there.


> It sounds like this Google Chrome security policy will most likely not change until some significant leadership changes are made over there.

If someone starts their first sentence with name calling, you know they're not mature enough to have a real discussion.



