If you didn't hear it from security professionals then you've heard another old wives' tale. Safari was the only browser to fell and lead to OS kernel privilege escalation at last year's Pwn2Own.
https://www.thezdi.com/blog/2020/3/17/welcome-to-pwn2own-2020-the-schedule-and-live-results
You are right and this is what I read about
“
CALEB wrote....
✓ Automatic updates
✓ Partially open-source
Tracks a great deal of user data
Over a decade has passed since the launch of
Google Chrome, and it has since become the undisputed leader in
browser market share, at almost 80%. Given its reputation for speed and the prevalence of Google services in our lives (web search,
YouTube,
Gmail, Google Docs, etc.), it’s no surprise Chrome has become the most widely used web browser today. But how does it perform on your privacy and security?
The good
In addition to leading its competitors in update frequency and scanning for harmful downloads, Google automatically updates Chrome to the latest version
every six to eight weeks, ensuring its users are always enjoying the latest browsing features. Part of its code is also open-source, which allows users to scrutinize, and also adopt, parts of its code.
Google has also
encouraged hackers to find vulnerabilities in its own browser so the company can improve its product.
The bad
While the browser does offer the usual pop-up blocker and allows users to send a “do not track” request along with their browser traffic (which, by the way, does very little to stop sites from tracking you), one simply cannot ignore that Chrome belongs to the company that makes millions from
knowing everything about you.
From
automatically signing you in to the browser to a fishy
location history policy, Google seems to be developing the habit of rolling out something unpopular before reeling it back in another update. There are
ways around this, but Google is still using Chrome to learn about you and then monetizing that information.
Google did
announce that they would eventually force third-party cookies to identify themselves on Chrome, but no word on when that will happen, nor whether this would actually stop trackers.
Chrome also boasts an extensive library of
browser extensions, which offer a range of additional functionalities but at the cost of reduced privacy. Furthermore, since Chrome is a closed-source browser, no one can crack it open to see what (if anything) is hidden in the code. That said, this is no problem if you trust
Google’s stance on privacy, and there is also an
open-sourced version of Chrome available.
Would we recommend this browser? Not unless you want Google tracking everything, no.” 👎