Hacker News | consumerx's comments

that's why you turn on Lockdown Mode or swap to Linux completely :)


I love Linux, but this is really a cheap shot. Out of the box, desktop security is much better on the Mac. Slim boot ROM in place of UEFI (which can be backdoored), no always-running Intel ME/AMD PSP, fully verified boot chain, sealed system volumes, heavy use of a secure enclave to protect secrets, mandatory sandboxing for App Store apps, malware checks through XProtect, limited access of apps to key folders (Desktop, Documents, iCloud Drive), limited access to privacy-sensitive devices (camera, mic), etc.

Linux will get there, but currently macOS is much more secure as a desktop.


Half of the stuff you named is security from you, not security for you.


You can turn pretty much all of it off, disable SIP, boot Linux, whatever you like.

Good security is layered. For example, even with a sandbox escape, an app could not read your full Documents directory, modify the OS, or install a firmware-level rootkit.


While in general you are right, you should not forget that almost one year ago it was revealed that the "Apple Silicon" CPUs had a hardware backdoor that had been exploited for years by malicious entities (i.e. some unprotected test registers that allowed the attacker to bypass the memory protection and gain complete control remotely, through the sending of an invisible message, without any chance of being detected by the owner; the complete exploit had used a chain of bugs in the Apple system libraries, together with the hardware backdoor).

Such a hardware backdoor is rather more severe than most of what has ever been discovered on non-Apple devices.

As long as the main protection of the Apple devices consists mostly in their lack of detailed technical documentation, one can never know whether other such hardware backdoors exist.


Do you have a reference for that? It doesn’t sound like GoFetch, which is the closest on timing.


I have got to believe that there are some nasty zero days for linux


The advantage of everyone running the same software and hardware platform is that you can concentrate on hardening that one system. The disadvantage is that vulnerability is universal.

The advantage of everyone running a disparate environment of many different libraries and binaries is that vulnerability is likely unique. The disadvantage is there are many more opportunities for the researcher to find vulnerability in the mess.

Choose your poison, the only secure system is powered down.


Vulnerabilities in the Linux kernel would have a similar impact to a macOS kernel bug. It’s a myth that “more eyes means more secure” for OSS ;-) - it can be true, but often that’s not the reason


You probably mean to Qubes OS.


the stock price forces them to "innovate" lol


15+ years of mac user here, just swapped to a Lenovo X1 Gen12 running Ubuntu and it's so smooth.


can you tell me about the battery life? I seriously need a new laptop to run linux and I need decent battery life. Don't want to buy a Mac just to have more than 3 hours of battery life


On "Battery Saver" and low brightness you can get up to 8h - 10h, easy.


Which processor? The U or the H?


Intel Core 7 Ultra 155U. 32 GB RAM. Ubuntu 22.04.


lol, probably because they have a propaganda leak.


Been using Pro products for almost 15 years and I just switched to a Lenovo Thinkpad and Ubuntu. This is so much more fun and innovative. Apple reached a plateau, you can like it or not.


That’s why we have concepts like “the 10th man”


Just migrated from GitHub to Gitlab, also finally made the move away from macOS towards Ubuntu as my primary machine. I've been using Macs for almost 15 years, enjoyed it all the way but FOSS comms and tech is the future.


it seems multiple ESP32s would fit into this giant case.


You could without boost converter and the battery. https://x.com/rogerscissp/status/1847430193113141549/photo/1


True, significant only because offered for 9 EUR initially.


Not only — when I visit friends in the UK, I've had single rail tickets cost more than the increased next years' cost of a monthly nationwide ticket here in Germany.


folks holding BTC should get wet hands, lol. it sounds a bit like Crypto AG, probably nothing, keep on moving.


The article is from 2014 and BTC doesn't even use SHA-1 anyway.


SHA-2 was mentioned in the article as well


Yeah, wake me up when there are known exploits to sha256

