18th February 2017
Carpetsmoker
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243

The problem seems to be mostly related to the tight integration of various userland components on the Linux desktop.

It's difficult to avoid this; for better or for worse, the browser has taken a central role in our daily lives and the desktop ecosystem. Even without Gnome or KDE you're probably still vulnerable to some of this nonsense.

At any rate, it's the same mistake over and over again: exposing untrusted input to untrusted code :-/ It's easy to shout "zomg idiot programmers!", but it's easy to make a mistake, and sometimes your code may get run in contexts/ways you never expected (the guy who wrote that gstreamer module probably just hacked something up in a weekend, he never expected it to be loaded in Firefox).

This is why exploit mitigation is so important, and why it's so disappointing Linux (or FreeBSD, for that matter) hasn't been taking this as seriously as some other platforms (i.e. OpenBSD).

Is it more or less secure than Windows 10? Perhaps, perhaps not. Who cares? That's the sort of 2001-era "Micro$hit" and "Linux: the facts" pissing contest I'd rather leave in the past...
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.