Gentoo Developer: Is The Linux Desktop Less Secure Than Windows 10?
Böck's presentation was motivated by recent posts on Chris Evans' security blog pertaining to how a Super Nintendo Emulator could exploit a modern Linux desktop. Check out that blog for a lot of interesting technical details on the exploit.
Hanno Böck's presentation pointed out issues with GNOME's Tracker and KDE's Baloo auto-indexing files, including fresh downloads to computers. While Tracker has already implemented sandboxing via libseccomp, KDE/Baloo doesn't yet sandbox their file indexing work.
Böck also criticizes Linux distributions for not generally making full use of Address Space Layout Randomization (ASLR) yet with it being "one of the strongest exploit mitigation techniques." Ubuntu had introduced support in 16.10, Fedora has offered ASLR / posiition-independent executables since Fedora 23, Debian is picking up support in Stretch, there isn't much work in the openSUSE space, and only hardened Gentoo enables these security features. Windows meanwhile had ASLR support in Vista and that modern Windows desktops already use "next-level mitigations" for fending off attack vectors on the desktop.
Another open area is that GStreamer, commonly found on most Linux desktop distributions, is very prone to memory safety bugs. Fuzzing GStreamer still yields a number of open issues, but many of its dependencies may also have their own issues.
So Hanno Böck's argument for the Linux desktop being less secure than Windows being that the automatic indexing of files under Linux has "a lot of questionable quality parser code" and that there isn't this behavior on Windows by default, but that Windows users generally are running anti-virus software too. An exploit with Ubuntu's Apport bug reporting tool was also pointed out and that more must be done to improve the Linux desktop security.
Those wishing to learn more can see these PDF slides while waiting for the video recording to be made available.