Windows gives a semblance of trusted code, also Microsoft sells certificates to developers.
Nothing (!) like that exists in the Linux world aside from PGP cross-signing, which barely any projects use because of its sheer complexity.
Don't lie about Windows and don't lie about Linux.
And Windows 10/11 both mandate that installers are signed before you can even launch them, so there's a very decent first line of defense which is TOTALLY missing in Linux.
Also, "trusted sources"? Who and why would you trust? Seasoned engineers in my company git pull any crap from the web and run it happily without thinking twice because AGILE and things like RoR. Who do you trust among thousands of modules?
God damn it.
Linux fans will make up all sorts of crappy pseudo-arguments to portray it as a decent/secure/stable OS and it's none of that.
On servers where you don't touch anything and never install third-party software? Yeah, surely. No one cares.
Distribution package maintainers generally vet the packages they make available, and updates to repositories are typically PGP signed with cryptographically secure hashes for the files. I say typically because I am only familiar with Gentoo and to a lesser extent, the Debian family.
As for Windows, there is no signing requirement according to Microsoft:
> Windows doesn't require software developers to digitally sign their code
Continue to use a crap pseudo-OS with no security and believe everyone around is a geek who is willing to learn CLI, bash, vi, git bisect, reading mans, etc. just to use it.
You have now accused me of saying something I'd never said, you crossed the line and goodbye.