Granular permissioned access for apps from trusted supply chains is better than attempting deny lists based on signatures (AV).
I still use it, but I put way more effort into SLSA, securing containers, flatpaks, and limiting their blow back. From there its keeping up with CVEs in ways that do not create more or break functionality.
I will say A LOT of the Linux software ecosystem is was more secure than Window’s default.
Granular permissioned access for apps from trusted supply chains is better than attempting deny lists based on signatures (AV).
I still use it, but I put way more effort into SLSA, securing containers, flatpaks, and limiting their blow back. From there its keeping up with CVEs in ways that do not create more or break functionality.
I will say A LOT of the Linux software ecosystem is was more secure than Window’s default.