Tbh, if Linux had the same user base as windows had back then a large amount of people would postpone any update indefinitely and we’d be in the same shit.
Yeah it’s a different game when your user base is tech savvy and self-selecting. When you have to deal with a billion non-technical people you have to be a lot more protective.
But even so Linux seems miles ahead. It’s Microsoft who should be the most motivated to add things like AppArmor, Flatpak, immutable system, curated app repos, executable as a filesystem attribute etc. They’re doing none of that, they plateaued at UAC and bundling their own antivirus.
They tried. UWP and the Windows Store did loads to boost security and make the source of apps verifiable, but people hated it and barely used it, so the holes they were supposed to patch stayed open. The store itself did have the problem that part of its raison d’être was to try and take a cut of the sales of all software for Windows, like Apple do for iOS, and UWP made certain things a pain or impossible (sometimes because they were inherently insecure), but UWP wasn’t tied to the store and did improve even though it’s barely used.
executable as a filesystem attribute
This already exists. It’s labeled as “Traverse folder / execute file” in the UI.
NTFS permissions are also more powerful than the default Linux permission system. Instead of just being able to define permissions for a single user and single group, you can define them for an arbitrary number of users and groups.
I say “default Linux permission system” because you can actually use ACLs on Linux (getfacl and setfacl commands), they’re just not used by default. They used to be common in businesses and schools, but these days everyone seems to store their files “in the cloud” and the permissions are managed there instead.
curated app repos
This is what the Windows store is supposed to be. There’s also WinGet, but I’m not sure if it’s curated.
NTFS permissions are just needlessly complicated and convoluted and create more problems than they solve for desktop use. They’re more for server use, but then again, so are ACLs on Linux. If Windows would just use simple permissions like Linux does, it’d be a hell of a lot better.
The Windows store is also a sandboxed, heavily restricted pile of trash you can’t even get at for most of its apps. And Winget has so many issues from its install scripts not working right to just being outright broken that it’s not worth using. Even flatpak installs can be easily modified and used normally.
The excuses for using obsolete Windows continues by its paid shills and brainwashed users. Give it up.
