Sorry, I didn't really mean to say that Windows securtiy is inherantly worse, so I should probably rephrase. What I mean is I am more comfortable dealing with client security issues on Linux systems than with Windows. Of course you're right that I'm not running grsec patches.
I feel like I know how to reduce the attack surface a bit more easily on linux client systems. Most OEM Windows installations are pretty bad, so I would want to install Windows myself, sans crapware, and with unneeded built in services, apps and hooks and so on removed. If the bootloader was locked, I'm not sure whether I could reinstall the Windows OS of my choosing. Maybe these products have less crap on them though, since the OS image comes directly from Microsoft.
I didn't mean to refer to situations other than personal clients used by me, and I don't really have an opinion about this in general, except maybe: It depends... :)
I feel like I know how to reduce the attack surface a bit more easily on linux client systems. Most OEM Windows installations are pretty bad, so I would want to install Windows myself, sans crapware, and with unneeded built in services, apps and hooks and so on removed. If the bootloader was locked, I'm not sure whether I could reinstall the Windows OS of my choosing. Maybe these products have less crap on them though, since the OS image comes directly from Microsoft.
I didn't mean to refer to situations other than personal clients used by me, and I don't really have an opinion about this in general, except maybe: It depends... :)