I use Firefox and Firefox Mobile on the desktop and Android respectively, Chromium with Bromite patches on Android, and infrequently Brave on the desktop to get to sites that only work properly with Chromium (more and more often - another whole separate can of worms too, this...) And I always pay attention to disable google.com and gstatic.com in NoScript and uBlock Origin whenever possible.
I noticed something quite striking: when I hit sites that use those hateful captchas from Google - aka "reCAPTCHA" that I know are from Google because they force me to temporarily reenable google.com and gstatic.com - statistically, Google quite consistently marks the captcha as passed with the green checkmark without even asking me to identify fire hydrants or bicycles once, or perhaps once but the test passes even if I purposedly don't select certain images, and almost never serves me those especially heinous "rolling captchas" that keep coming up with more and more images to identify or not as you click on them until it apparently has annoyed you enough and lets you through.
When I use Firefox however, the captchas never pass without at least one test, sometimes several in a row, and very often rolling captchas. And if I purposedly don't select certain images for the sake of experimentation, the captchas keep on coming and coming and coming forever - and if I keep doing it long enough, they plain never stop and the site become impossible to access.
Only with Firefox. Never with Chromium-based browsers.
I've been experimenting with this informally for months now and it's quite clear to me that Google has a dark pattern in place with its reCAPTCHA system to make Chrome and Chromium-based browsers the path of least resistance.
It's really disgusting...
Any Web browser that claims privacy and security while using chromium as its base isn't worth the risk, they may have implemented fixes and added their own proprietary code, but it's still chromium and Google most likely hides a bunch of stuff from devs so they can't mess with it.
Chromium is open source.
It's still made by Google, tho, so can you really trust that there's no hidden shit? This is a company that is trying to create a monopoly over website access.
Have you reviewed each line of the code and do you make sure to review each commit before updating?
No but some people do. And even if Google could get away with hiding spyware in open source code for a while - even for a long while, the moment they got found out doing that, it would hurt their reputation so badly it would never fully recover from it. Not that their reputation is great right now, but I'm pretty sure that's a line even they won't cross.
Would it? Because it happened.
Bromite is not proprietary. But yeah, the chromium codebase is huge, it may be possible that certain bad parts were not found by the fork maintainer
They can, Vivaldi devs doing this since more than 7 Years, and other do the same even EDGE, which is certainly an privacy nightmare, by sendin a lot of stuff to M$ and a lot of other, even to TowerData, but to Google zero. Because of the continuos fails to try to control Chromium users, now Google try it with his apps and services and webpages which use these, introducing this WEI DRM crap for Webpages, which permits to block any browser if it don't include the Google Token "to prove that it is a secure browser". That affect all browsers equally, independent of the engine it use, even Firefox. That is, or add this Google Token or forget internet. The ring to rules them all. Or we all work together against this outrage, preventing Google from introducing this shit or game over for a lot of small browsers and forks in a future only with Chrome, EDGE and nothing more.