No it's true. Exchanges are prime targets, so it's risky. Wallets on desktops come in a variety of flavours, and can be secured. Getting root access to your device is trickey, let alone they would not know you have your bitcoin.
Beyond that, the pros and experts who have a lot do cold storage. Putting the keys offline.
Beyond that, the pros and experts who have a lot do cold storage. Putting the keys offline.