The person you replied to is right, the "security" of Linux might as well be nonexistent compared to macOS and especially iOS/Android. Even the developers of Secureblue (https://secureblue.dev/) state that despite their hardening and mitigations Linux still lags far behind macOS (and possibly Windows) security-wise. The only Linux derivative that has proper security is Android, and even better GrapheneOS.
Linux is easier to misconfigure. Macs resists being misconfigured insecurely. At their tightest, I'd say neither is fundamentally more insecure than the other. (The exception would be M5-based Macs, which come with MIE. Though that isn't a macOS vs Linux thing per se.)
This is incorrect macOS is fundamentally more secure than desktop Linux operating systems and it isn't particularly close.
No amount of Linux hardening will get a system even close to an M-chip Mac. Software insecurities aside, desktop Linux OS systems have almost none of the hardware-backed security benefits that Macs do.
At some point, lack of security becomes a feature. A fully secure, locked-down, T2 attested macOS is able to be controlled not just by Apple, but by increasingly evil governments, with no recourse available to users.
Conversely, a Linux system with no verified boot can be easily tampered with without the user detecting it by people lower than the government such as casual hackers. So in a world where your government is going crazy, you're opting for an operating system that can be penetrated with relative ease (e.g. with persistent root malware) both by a non-government hacker on top of a state backed one.
It's not really about supply chain security it's about the hardware itself. PC manufacturers in general just can't keep up since they don't have full control/integration over the hardware stack like Apple does. Also CPU, secure element etc security is limited but Qualcomm is catching up pretty quickly I believe if they aren't there already. We won't talk about Intel and AMD. But that's beyond my knowledge so I can't say anything too specific that's just what I have from general knowledge I'm sure someone will jump in with additional info if needed.
I don't think Apple is particularly any more secure against the US government than Intel is with supply chain vulnerabilities but I have nothing to back that up with aside from vibes.
This claim is so absurd that I need some sources.
The person you replied to is right, the "security" of Linux might as well be nonexistent compared to macOS and especially iOS/Android. Even the developers of Secureblue (https://secureblue.dev/) state that despite their hardening and mitigations Linux still lags far behind macOS (and possibly Windows) security-wise. The only Linux derivative that has proper security is Android, and even better GrapheneOS.
https://privsec.dev/posts/linux/linux-insecurities/
https://madaidans-insecurities.github.io/linux.html
I also commented here on Linux phones, the same can apply to Linux as a desktop OS: https://news.ycombinator.com/item?id=46997397
Also on top of that Linux/Windows laptops also lack the hardware-backed security that Macs and to an extent some Chromebooks have.
Linux is easier to misconfigure. Macs resists being misconfigured insecurely. At their tightest, I'd say neither is fundamentally more insecure than the other. (The exception would be M5-based Macs, which come with MIE. Though that isn't a macOS vs Linux thing per se.)
This is incorrect macOS is fundamentally more secure than desktop Linux operating systems and it isn't particularly close.
No amount of Linux hardening will get a system even close to an M-chip Mac. Software insecurities aside, desktop Linux OS systems have almost none of the hardware-backed security benefits that Macs do.
At some point, lack of security becomes a feature. A fully secure, locked-down, T2 attested macOS is able to be controlled not just by Apple, but by increasingly evil governments, with no recourse available to users.
Conversely, a Linux system with no verified boot can be easily tampered with without the user detecting it by people lower than the government such as casual hackers. So in a world where your government is going crazy, you're opting for an operating system that can be penetrated with relative ease (e.g. with persistent root malware) both by a non-government hacker on top of a state backed one.
I'd also guess it's much harder to securely source components for a Linux build in the way Apple is able to.
It's not really about supply chain security it's about the hardware itself. PC manufacturers in general just can't keep up since they don't have full control/integration over the hardware stack like Apple does. Also CPU, secure element etc security is limited but Qualcomm is catching up pretty quickly I believe if they aren't there already. We won't talk about Intel and AMD. But that's beyond my knowledge so I can't say anything too specific that's just what I have from general knowledge I'm sure someone will jump in with additional info if needed.
I don't think Apple is particularly any more secure against the US government than Intel is with supply chain vulnerabilities but I have nothing to back that up with aside from vibes.
Security by obscurity worked quite well