I think the article did a pretty good job explaining a bit of the “what”, but I think it buried the lede toward the end by mentioning that the system is only as secure as the admins make it.
*nix has historically been more secure as a baseline OS family because of the amount of consciousness that an administrator has had to explicitly pay to security, and the general skill levels needed to work as a unix or linux sysadmin compared to a windows sysadmin. I’m not totally sure that remains the case today, not because linux has gotten weaker, but because windows has tightened up and gotten more complicated to administer. (Does anyone remember the NT license cards that you’d buy to add new users to a network? It was just a piece of cardstock wrapped in plastic that cost something like $99 and when you opened it up it said “you have a license, now go into this setting and click the number of users to add one”.)
I suspect things are trending in the opposite direction though as more and more data is hosted by third parties like AWS and Azure. The concept of “yours” isn’t the same anymore. Ownership and boundaries are blurred (in a way, on purpose. Makes it easier for big tech to keep someone paying for their own stuff if they think they don’t actually own it). Even if the big cloud providers have dedicated teams to monitor security and develop countermeasures to threats, it only takes one slip up to blow the whole thing apart for everyone.
Yes, we can all agree that the user/admin/person at the keyboard is integral to security of any system, and that any bad decision will compromise any system.
However, this article is about the baseline being set--what that user/admin has to work with, and the design decisions made for the OS.
IOW, given the same user/admin, Linux is more secure than most, and has the ability to *be* more secure than most.