Ignoring all the pieces of information that go against your own belief is bad.

I didn't say it's a perfect, or "best" solution. I said it's the alternative that has more chances of actually happening. Because it is the most "low effort" one, and the most "shared load" one since it has many different customers.

Really, unless someone comes and finds the time/money to maintain the old crap to run the other old crap, which will grow to become a monumental undertaking within a decade, the best you can do is isolate the whole thing as best as you can.

And migrate where possible.

...sorry? I thought the default repos were safe?

Furthermore, many people in Windows land use password-less accounts. What would they input when prompted on Linux?

Sadly, in this lazy world there are no but's.
Maybe we can have a compromise by having some "Are you sure?" yes/no dialog? (like Android)

There are third party repos too, and most distros allow you to add a new third party repo with a few clicks. (Opensuse with the 1-click thing, and Ubuntu with the ppa links that open by default in a dedicated application)

If you are running as root with no password, afaik there is no password prompt apart from any "are you sure" that the program would have done anyway.

Please no. Current Linux desktop security model sucks ass (as it's designed for servers) and running as root only drops what little security it provides.

You need to understand that at the moment the only reason Linux desktop isn't a cesspool of malware is that it's not a target at all due to its tiny market penetration. But it's still a server OS that was wrangled to be used as a desktop.

Having an influx of casuls is going to make Linux a big fat target and it won't be able to defend itself.

Please leave casuls on Android where they don't have root access and applications are mostly sandboxed. That's an OS that was designed to deal with the type of people you are talking about.

Linux desktop will start become palatable for casuls once Flatpak reaches maturity, and someone makes a distro disabling most of the common stuff that comes from a server OS and has no reason to exist in a desktop, because quite frankly it's NOT anywhere near secure as it is now, something similar to Ubuntu Core, or again to Android.

Don't you think that the reason people install software form a curated repository and not just download and execute some random shit from the internet plays a role here as well? Linus intended Linux to be a desktop OS, ironically it is almost the only place where it isn't completely dominating the market.

And having a repository where devs can directly release software will also be the start of Linux desktop malware. I think we already had a case of this with snap. This is such a horrible idea. Package maintainers are one of the most underrated advantages of a Linux distro.

Are you aware that packaging software for any distro is easy? Are you seriously thinking that most commercial software vendors will let their stuff be packaged and loaded in a distro's repo instead of providing their own packages on their own website?

If Linux gets any traction, you can bet your ass that vendors will offer Linux distro packages on their website and people will download and install random shit from the Internet fine. That's a big issue.

You don't need flatpak or snap for that. All decent distros can use third party repositories and download random shit from developer servers already.

It only takes one application (or script) run as root with a click to add the links to the list, import crypto keys to check the package signatures and then it's all ready.

Seriously, did you look at what Chrome for linux does?
what Mega (cloud provider) does?
What Dropbox (other cloud provider) does?
What Teamviewer does?
What some decent VPN providers do with their client applications for Linux?
They all add a repo when you first install the package for your distro, so you get updates from their own server the same way you get updates from the distro's own repositories.

You goddamn sheeple need to wake up. Main reason Linux desktop isn't a dumpster fire is that the people using it are more tech-savyy and paranoid than the average casul PC user.

If you let it out without some serious security hardening it's gonna blow up so hard that XP will look like a secure OS.

The poi t I was trying to make, and I don't think it was that hard to understand, but let's try again:

The majority of software a regular user needs is completely available in a curates repository. There is no need to download anything directly from the internet for the average user that needs a browser and office and some other basic applications.

On Windows you have a bare bones operating system where you have to download shit from the very start to do ANYTHING.

Is that difference so hart to understand?

Sure everything breaks down if people start to download proprietary shit anyway, but nothing can stop that, no matter the OS except it is so restricted it is impossible for a user to do so. Feel free to use a Mac if that is your thing.

People don't need to choose random applications for their basic needs on Windows.

MS office or Libreoffice, Adobe PDF reader and Chrome (plus some plugins if needed) are all as safe and trusted sources as a distro's own repo and you can't deny that with a straight face. That's all basic people need on Windows, and they auto-update.

The issue on Windows happens when they need something specific for a one-off task and then they hit the web. Most of the times it would not be in a distro repo either because it's something special, and in that case Linux users would hit the third party repos or even Github if they are pro enough and can compile from source. Ubuntu's PPAs, OpenSUSE OBS, Fedora's something else, and so on.
And in some times (many times for IT people like me) Linux users just suck it and either do without the tool or spin up a VM with Windows to run a Windows only tool.

Android, MacOS, iOS, Windows App platform, Flatpak. All modern stuff, weird isn't it?

People out there need to get the job done, as quickly as possible. Downloading random applications and executing them to deal with one-off computing needs (also what web browsers do all the time with animated webpages) is a massive force multiplier, and what everyone does on Windows even if it's not particularly safe.
Not being able to do so is a big turnoff for Linux usage, and if on top you add that it's even less safe than doing the same on Windows...

Claiming that Linux is "safer" just because some basic applications come from trusted sources just shows you don't understand how people use computers. Basic applications come from trusted sources even on Windows.