The underlying user/group systems are a little more secure, containerization is common and easy (flatpak, bubblewrap, and firejail), the attack surface is lower, the marketshare is smaller, and repositories are fundamentally superior. Of these, app repositories and the market share are by far the biggest factors.
Getting malware on Linux isn’t totally unheard of, but it is extremely uncommon. I’ve never had any, nor has anyone I know. This guy isn’t the first person I’ve heard of getting malware on Linux, but he is one of very, very few.
one added benefit of Linux: It doesn’t - on a default installation - enable tons of services the user will probably never need. These services on Windows listen on the internet connection for incoming requests (e.g. remote desktop service), or are available locally for other exploits.
One of the reasons Windows “just works” (well…) is because literally EVERYTHING is preconfigured and activated on startup. That’s also one of the reasons why the system is such a resource hogging piece of work…
It’s a work of hours to manually go through system services and identify & disable everything you will not need.
The underlying user/group systems are a little more secure, containerization is common and easy (flatpak, bubblewrap, and firejail), the attack surface is lower, the marketshare is smaller, and repositories are fundamentally superior. Of these, app repositories and the market share are by far the biggest factors.
Getting malware on Linux isn’t totally unheard of, but it is extremely uncommon. I’ve never had any, nor has anyone I know. This guy isn’t the first person I’ve heard of getting malware on Linux, but he is one of very, very few.
one added benefit of Linux: It doesn’t - on a default installation - enable tons of services the user will probably never need. These services on Windows listen on the internet connection for incoming requests (e.g. remote desktop service), or are available locally for other exploits.
One of the reasons Windows “just works” (well…) is because literally EVERYTHING is preconfigured and activated on startup. That’s also one of the reasons why the system is such a resource hogging piece of work…
It’s a work of hours to manually go through system services and identify & disable everything you will not need.