phenest wrote:dasein wrote:Windows' installed user base for desktop machines is 3x the size of all other OSes combined.
What if it was the other way round...[W]ould these viruses/malware/ransomware succeed in the same way they have with Windows users?
The phrase "same way" is an invitation to imprecision and equivocation, so let's focus on the specifics you mentioned.
I guess that's a 2 part question:
1. Would it succeed with the OS?
2. If Linux and BSD was dumbed down more to reduce the learning curve, would it succeed with the users too?
Question 1 comes down to a matter of whether privilege escalation and arbitrary code execution vulnerabilities exist in Linux. They most certainly do. Many of them lie hidden for years before they were discovered. (So much for Linus' Law!) An hour at Google reviewing the history of such security issues in Linux is enough to give anyone pause.
Question 2 is a bit fuzzier. It assumes that Windows is "dumbed down" in some way that Linux is not. Is that perception affected, for instance, by the fact that Windows' default UI is a GUI? If so, then Linux is far
more vulnerable, historically speaking, than Windows.
Any *nix GUI has historically required X, and X was applied retroactively and superficially atop existing core components (similar to the way Windows '95 was merely a GUI shell atop a base of largely unchanged MS-DOS). X is
fundamentally insecure with a metric crap-ton of vulnerabilities all its own.
The vulnerabilities for which XP was (in)famous came down to a deeply flawed security posture; but every time a newb-ish Linux user talks about wanting to run as root 24/7, or presents "chmod 777" as a "fix" for a problem they encountered, they are actively recreating that flawed posture.
There is an additional layer of analysis available, one that focuses on design principles. But that discussion pretty much inevitably leads down a path directly towards systemd, which is a discussion I refuse to have for reasons I've articulated thoroughly elsewhere. (Some might say "thoroughly" is an understatement
)
P.S. You say you feel sorry for Win10 users. Ironically, they are the only Windows users unaffected by WannaCry.