Its mostly a windows problem. I haven't seen malware from .debian.org or more recently .freebsd.org.
So on freebsd, pkg install nvidia-driver, or on legacy linux apt-get install nvidia-driver and you're all done.
Someone looking for trouble could do it the hard and dangerous way, but why?
Also commercial software other than possibly games, is dead man walking and is dead on FOSS platforms. Sure, go ahead, pretend its the 80s and try to charge me money for an editor, or a compiler, or pretend its the 90s and try to charge me for a web browser or a database, its just not happening.
OK, make an editor that great as Sublime Text, put a msgbox that I really should pay $60 for multi-PC license, and be done with it.
Ubuntu uses the information about searches
to show the user ads to buy various things
from Amazon. Amazon commits many wrongs
(see http://stallman.org/amazon.html); by
promoting Amazon, Canonical contributes to
them. However, the ads are not the core of
the problem. The main issue is the spying.
Canonical says it does not tell Amazon who
searched for what. However, it is just as
bad for Canonical to collect your personal
information as it would have been for Amazon
to collect it.
I mean maybe—it's not like you have the option to analyze or debug what you're running. You can't predict everything that can go wrong, even if you know the rest of your system top to bottom.