> Wrong, the point of the operating system is to manage local state, hardware, etc.
Yes, and to manage local state and hardware it needs to be able to control the hardware and other software.
You can build an OS that doesn’t take advantage of those capabilities but you can’t build an OS that doesn’t have them. Hence why the key is trusting your OS vendor.
> And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.
Sure you can do all that but what you can’t do is make it so your Linux based OS can’t control your hardware and software. At the end of the day, the key is still trust, either in your vendor or in your own audit.
You have presented a great many reasons why Linux is more trustworthy than Windows to many people but you cannot get around the problem of having to trust someone.
> but you cannot get around the problem of having to trust someone.
You still don't get it...
At the end of the day, I don't have to trust anyone with an OS that I fully control, with hardware that I fully control, because I can verify every bit of hardware, every bit of software, even stop the kernel from doing things if I want to (yes its possible, technically).
Sure, I can place some temporary trust in some components, but it doesn't matter really, because I can always swap/disable/remove audit/reaudit any component. You can choose to trust, as much or as little as you want. I don't have to use the kernel at all if I don't want to, I could swap in another one and still be good to go (more or less).
This is different from the case here, where by default, not of my choosing, actively and persistently nearly every aspect of a Windows computer is obfuscated, un-auditable, actively and without consent doing things that are not operating system things but spyware, bloatware, crapware, or just straight up malware. You can wave your hands around as much as you like waffling about "trusting someone" but there is a big big difference between someone acting reasonably, and choosing to allow them into your home, and "trusting" someone with a knife to your back not to shiv you.
One is reasonable, a choice, and low risk, the other is clearly none of those things. You don't have to "trust" low risk situations, they are just low risk, no trust involved.
Yes, and to manage local state and hardware it needs to be able to control the hardware and other software.
You can build an OS that doesn’t take advantage of those capabilities but you can’t build an OS that doesn’t have them. Hence why the key is trusting your OS vendor.
> And the technical distinction? You can turn off everything in linux, you can make it so the computer cannot update itself. The Operating System is unable to change itself in this configuration, the only way around this is for you to choose to update it.
Sure you can do all that but what you can’t do is make it so your Linux based OS can’t control your hardware and software. At the end of the day, the key is still trust, either in your vendor or in your own audit.
You have presented a great many reasons why Linux is more trustworthy than Windows to many people but you cannot get around the problem of having to trust someone.