Not OP but - Windows is being bombarded by malware every second of every day. Linux, with its 6% of desktop user market share - not so much. This kinda’ guarantees Windows has a pretty good resilience (these days).
On top of that - in Linux you can change/break anything, which means bad actors could have you run malware by posting “helpful” comments on help threads. You know, “just run this .sh with sudo”.
Then you have situations like Arch has been going through - DDOS attacks on official repos and malware injected into a couple of packages in AUR. Sure, it got caught - but how many users installed the malware? How many other packages are under less scrutiny and are still serving malware in AUR?
And, I’m certain, someone out there is reading this and preparing to write a hot take on how “AUR is what it is, you’re not supposed to blindly install stuff from it” - but that’s exactly the problem. Because 99% of users have no clue what they’re doing.
Linux doesn’t really have better security. It is actually worse from a purely security perspective.
The key difference is privacy and freedom. A high security prison might be secure but you probably don’t want to be there.
Why worse?
Not OP but - Windows is being bombarded by malware every second of every day. Linux, with its 6% of desktop user market share - not so much. This kinda’ guarantees Windows has a pretty good resilience (these days).
On top of that - in Linux you can change/break anything, which means bad actors could have you run malware by posting “helpful” comments on help threads. You know, “just run this .sh with
sudo”.Then you have situations like Arch has been going through - DDOS attacks on official repos and malware injected into a couple of packages in AUR. Sure, it got caught - but how many users installed the malware? How many other packages are under less scrutiny and are still serving malware in AUR?
And, I’m certain, someone out there is reading this and preparing to write a hot take on how “AUR is what it is, you’re not supposed to blindly install stuff from it” - but that’s exactly the problem. Because 99% of users have no clue what they’re doing.
Thanks for the summary!
If you want a bit more, also on security, check this comment.