Linux user since 1997. Linux is way more secure by design against many threat vectors. But none of those design points matter in the least when it comes to securing your modern computer against unwanted surveillance by agencies with three letters.
https://en.wikipedia.org/wiki/Intel_Management_Engine
If the mobo has power then the IME (or similar) executing at the firmware level has direct access to the contents of memory and devices at a level below whatever OS is running. That's game over for any device that goes online.
Anyone concerned about device security should have, at minimum, an active and secure firewall router on their home network. I'm not even sure that, however, could stop all leakage paths if lower-level protocols such as ICMP or BGP are employed as surveillance conduits.
Your best bet for real security at this time is to deviate from the common path. A Raspberry Pi makes a great general-purpose machine for most uses and so far is off the radar of hardware compromises.
Or build your own. :) It's not hard to get a CP/M machine going these days, and there's a wealth of software and languages for it. Half joke, but the point is: trust nothing you do not completely control all the way down to bedrock.