Only operating system left that gives semblance of privacy and security.
You mean the operating system where with the default display server any application can read keystrokes, read mouse events, and make screen grabs of any other application? The operating system where no apps are sandboxed by default? The operating system where once you find a local root exploit, which are not rare, you can embed a root kit deep in the operating system?
Sorry for the harsh comment, but Linux is hardly the pinnacle of security. (Perhaps with rare exceptions like Qubes or RHEL with SELinux on servers.)
> can read keystrokes, read mouse events, and make screen grabs of any other applic
As compared to Windows in which an app can't do that?
> The operating system where no apps are sandboxed by default?
As compared to Windows or Mac where apps are sandboxed by default?
> The operating system where once you find a local root exploit, which are not rare, you can embed a root kit deep in the operating system?
As a desktop user, not sure how this applies. Windows has rootkits as does Mac.
However, every time I boot my computer my computer doesn't call home. I am also not worried about government agencies having unfettered access to my machine as a default setting. With Windows I don't know that. When I install Mac I give them my e-mail address and thereby my identity just to install the operating system. They also have my credit card number. When a Mac calls home they have my IP. So anything I do online can be traced by to my identity as a default setting through Apple... a company not located in my country.
As I said a semblance of security and privacy. Better than no semblance which at this point is the case with Windows and Mac. I know it's not real security, but best that no money can buy at this time.
I also have Windows. It's for playing old games... Surprising they still work after 15 years.
> As compared to Windows in which an app can't do that (read keystrokes of other apps)
Yes, Apps can't do that.
> As compared to Windows or Mac where apps are sandboxed by default?
Yes, apps from both the windows and mac App Stores are sandboxed.
I'm not sure what your point is. I'm not saying Windows is perfect at all, but the GUI security is better. If nothing else, consider the classic ctrl+alt+delete, which no app can catch. On Linux there is no way to be sure the 'login' you are seeing isn't a program someone has installed to capture logins. On Windows I know the login is genuine if I press ctrl+alt+delete.
The parent comment is (slightly obtusely) talking about "UWP Apps", which are installed from the store and have mobile-style "sandboxing". Normal Win32 applications can of course use SetWindowsHookEx() and the DirectDraw screen functions to take over your screen.
So, in contrast to default Linux distributions, a root kit cannot replace system files (a common trick that root kits apply is to replace system files to preserve itself during reboots and to hide the root kit, e.g. by hiding it from 'ps' output).
Moreover, macOS only loads signed kernel extensions, so it is not possible for a root kit to inject itself as a loadable kernel module. I think the same is true for Windows, but I am not familiar enough with Windows.
I am also not worried about government agencies having unfettered access to my machine as a default setting.
You are throwing two things one one heap now: (1) having a backdoor and (2) sending out usage data.
If you believe that there is a difference between Linux, macOS, or Windows when it comes to (1), this is utterly naive. Linux distributions have a large number of package maintainers and upstream projects. You cannot be certain that none of these ten thousands of people is compromised and inserts a subtle backdoor. And even if you are certain about this, it's likely that government actors have a collection of exploitable remote and local exploits.
When it comes to sending out data, such as usage data, use an app firewall. E.g. with a program like Little Snitch, it is easy to configure which program can contact what server in the outside world.
Ps. Linux has the potential to be very secure. A lot of the technology is there (e.g. Wayland and SELinux). The problem is that the Linux community is too conservative and/or believes in the myth that Linux is already secure.
I think that you are underestimating the use of the Mac App store. Many applications are only available in the app store, just to give some examples of popular Mac Apps: Pixelmator, Affinity Designer, OneDrive, Pages, Numbers, Keynote, iMovie, Garage Band, Tweetbot, and Airmail. Then there are many Apps that can be purchased both through the Mac App Store or from the vendor, such as Omni{Graffle,Focus,Outliner}, Fantastical, 1Password, Photoshop Elements.
The majority of apps that I install come from the App Store.
Moreover, some vendors also sandbox non-app store apps. E.g. Chrome tabs, Photos, or Safari tabs.
That's the same thing. There is no OS I'm aware of that has separate versions for "laptops" and "desktops"; a laptop IS a "desktop" these days, as opposed to a "mobile device" running a mobile OS (Android/iOS).
You mean the operating system where with the default display server any application can read keystrokes, read mouse events, and make screen grabs of any other application? The operating system where no apps are sandboxed by default? The operating system where once you find a local root exploit, which are not rare, you can embed a root kit deep in the operating system?
Sorry for the harsh comment, but Linux is hardly the pinnacle of security. (Perhaps with rare exceptions like Qubes or RHEL with SELinux on servers.)