I'd agree, except...
Until Windows Vista, the security of Windows was poor. Most people run as administrator. They
are forced outside the basic OS to fetch new applications, and therefore the trustworthiness
of those applications may well be lower.
By comparison, the average Linux user is not running as administrator, so a "silent install"
is far less likely. And 99% of all software they will use comes from repositories owned and
maintained by the distribution, so the issue of trust is easier to address. Indeed, GPG
signatures are used to help ensure that trust in many cases.
Yes, the user can sudo to root and install malware from any random website.
And yes, you could hack the repository and inflict malware that way (albeit requiring a major
operation to do so).
But the fact is that the design and organisation of most Linux distributions makes it far less
likely, even if it were level-pegging with Windows in user terms, that a user would install
malware.
Linux is still just as vulnerable to social engineering attacks as Windows is ("install this
codec to view our quality p0rn!"), but has a distinct advantage in defending against the less
determined or convincing attacker.
(Vista hopes to change this somewhat, but its uptake rate has been too low to know if it has
been successful in doing so yet.)