i have to admit, I have tired of this type of amateur hour, alarmist analysis.<p>> Well, no. If a hacker has managed to get access to your computer, whether it be through an unprotected port or a botnet-type trojan that you’ve managed to get infected with, then the hacker already has your Windows credentials ...<p>If the hacker has your Windows credentials and local access, nothing Chrome does matters. It’s game over for you. (local 2fa aside, ie touch ID mediated keychain access, that kind of thing.)<p>Had the author reported it to google before declaring his brilliance over <i>GOOGLE</i>’s obviously deliberate choice here, he might have gotten some valuable insight and not embarrassed himself with this post.