alt Hacker NewsThere's a lot of servers running Linux that are regularly targeted by malware.
There is a big difference in what software a desktop user runs versus what runs on a server, but the great thing about Linux is that you can keep just as much variation between your install and the average desktop user.
Your best bet for security is probably running OpenBSD, but within Linux, if you avoid common optional applications and services like Gnome, KDE, pulseaudio, systemd, etc., you'll have a significantly different attack vector. Avoiding Python and Node package managers and sticking to your distribution's package manager would be great, too.
Thanks, and that probably is a good security posture, but having to stop using everything good and switch to OpenBSD is exactly what I want to avoid!