Compared to the other desktop operating systems (Windows and macOS), it absolutely is. It might have other advantages, but security is not one of them, and users should be aware.
huh? Linux security is is soo annoying it won't let other apps spy on key strokes so no way to have push to talk or have OBS on a keybinding.... mean while on windows all apps are key loggers
A brief summary: No trusted boot, no clear security boundaries between system and applications, no application sandboxing, lack of mitigations (both on kernel and userspace), large kernel attack surface, insecure-by-design legacy systems (X, PulseAudio). Windows and macOS perform comparatively better on all of those.
Again, you're talking about a ton of mostly theoretical problems that haven't caused much in the way of widespread problems, which to me don't come close to the following fact:
No serious cloud, perhaps tech generally, company, is like "We're switching to Windows/MacOS to run the backbone tech of what we do."
That's Linux, and Linux will get the downstream security benefits of that. Given actual, real life history, I trust this far more than those other two, especially Windows, which just shat the bed ALL THE TIME. Your real life track record is far more reliable that a parade of imaginary horribles, even when they may be little things that only are on the Desktop.
>No serious cloud, perhaps tech generally, company, is like "We're switching to Windows/MacOS to run the backbone tech of what we do."
True, but it is also true that practically all the other companies, governments and NGOs in the world--the ones that do not have providing services over the internet as one of their core competencies--chose Windows and keep on choosing Windows.
There are strong economic incentives that keeps an OS or other piece of infrastructure dominant for decades once it becomes dominant in some sector of the economy--if that piece of infrastructure requires many specialists for its deployment and maintenance--even when that piece of infrastructure has major problems if a hobbyist or an individual were to install that piece of infrastructure on their personal computer.
>Linux will get the downstream security benefits of that.
Linux would be able to derive security benefits from that if Linus cared, but a reading of his writings on the subject reveals that he does not care much about security.
I'm using Linux to write these words--a distro I chose and installed. I am however aware that because I'm using Linux, it is significantly easier to pwn me than it would be if I were using iOS, Android, ChromeOS, MacOS or Windows, which used to be a joke security-wise in the 1990s, but which has become much better security-wise.
Actually I believe that Qubes is pretty good security-wise, but it is the only Linux distro that is.
I have no reasonable basis to believe your "Linux is easier to pwn" argument.
Saying that all those other non-techy big things "choose Windows" is a really stretchy definition of "choose." It's been long enough, we know the story, robber baron Bill Gates was able to jump ahead and cement Windows mindshare. It is what it is.
Again, I don't get what you're relying on when you say "desktop linux is the worst?" Sure, windows claims to be better, etc. But, and here's the important part, they've ALWAYS been cagey. You just can't ever REALLY know.
Now on the Linux side, sure -- there are lots of visible issues. That's good, because they are visible.
No one knows "all the code," and more importantly, no one can easily predict what Windows (and perhaps Apple) will do tomorrow to screw up the desktop, but we know they have the capacity to.
No thanks, I'll trust the thing that doesn't come with such possible arbitrary baggage.
>robber baron Bill Gates was able to jump ahead and cement Windows mindshare.
I agree and that is one of the thing I meant by my "strong economic incentives that keeps an OS or other piece of infrastructure dominant for decades". But Linux retains its niche in internet services the same way!
Linux became dominant in internet services in the 1990s when the only alternative was Windows (and unlike today, in the 1990s Windows was no more secure than Linux). Apple wasn't even trying to compete in this market (or in the "enterprise" market that Microsoft has dominated since the 1990s): there a nice transcript about an internal meeting at Apple where Jobs tells some engineer that Apple sells its products to consumers and if he want to learn how to sell to IT departments, he should go work for HP or something. The internet-services industry ended up using Linux on its server farms basically because in the 1990s, Microsoft didn't sufficiently appreciate the advantages of open-source licensing, so they ended up disqualifying themselves in the eyes of the Dot Coms.
Also, this conversation is about desktop Linux. What part of a typical Linux desktop (such as my Fedora Workstation install that I'm using to write these words) do you think runs on Google's servers? My guess is that it is just the kernel and a few libraries like libc. How dominant Linux is on servers at Google and Facebook has no bearing on the security qualities or lack thereof of all the other code (Wayland, Gnome, GTK, graphics drivers, media players, codecs, font and typography libraries) running on a typical Linux desktop.
