All of this is moot if essential services like government or banking require root of trust attestation that is only available on Windows. New chips already have Microsoft's Pluton core.
Which is why Linux distros should be investing heavily in security now so they can prove to manufacturers / Microsoft / the government that they are secure (compared to other consumer operating systems) to avoid a future like that.
Linux distros should not have to prove anything to Microsoft for any reason. It's a major failure that our governments ever let a major operating system vendor get into a position where they can gatekeep other operating systems.
It's pretty hard to compete with open source plus byte-reproducible builds for anyone serious about security. Not only is MS neither of those, it's also the premier malware target and a voracious surveillance instrument on its own.
Open source doesn't necessarily imply it is secure. Security isn't free, and open source projects can struggle to fund such development.
>byte-reproducible builds
This is mostly a party trick. Meanwhile the system is one curl | sh away from having all its cookies stolen, files cryptolocked, mic spied on, keylogger installed, clipboard sniffed, etc. Reproducible builds can't save you from insecure design, which my comment was referring to investing in fixing and which is what this patch being highlighted in the article is doing.
>it's also the premier malware target
Having a large market share is why. If Linux overnight gained a ton of market share, the malware situation would be worse than Windows.
That's true if your definition of security is "I hope we found all the vulns" from the 1990s. Today we expect defense in depth and Linux is behind Windows in sandboxing, VBS, etc.