Re: No panacea
I said it was unpopular, because I've said the same thing before to a billion downvotes there are a number of commentors here who interpret any criticism of Linux as a personal attack. I don't actually care about downvotes, but I do care that people bother to read what I say, rather than knee-jerk from the point of view of MS=Shite, Linux=The best thing in the world. Particularly because having a false sense of security engendered by believing that one is really smart because one is running the most secure OS is what leads to sloppy security. A few years ago a friend of mine was lecturing me about how Linux was far more secure than Windows. Of the two of us, one had discovered that his workstation had been rooted and was being used to serve porn. It wasn't me. Of course this was down to super-smart hackers, rather than sloppy user security.
Stuxnet may well have used zero day vulnerabilities in Windows, but we have literally no way of knowing if there were any software or hackers actively using the zero day flaws I mentioned above. That we know about stuxnet is down to an accident which put it into the wild. I don't know of any problems therfore there aren't any is a mindset which leads to sloppy security.
Also, if you believe that Linux users can verify the build on their machine, you have a far higher belief in the ability of the users than I would think is warranted. You also trust that the sites supplying the source sode are legitimate and that the compiler tools are legitimate. You furthermore rely upon the thousands of eyes, knowing what they're seeing and looking in the right direction.
It's all down to trust. Personally, I trust Red Hat, I trust CentOS, but I also trust Microsoft, Apple, IBM and HP.