This way of looking at things would put mass-market systems at a severe disadvantage compared to obscure niche systems whose user base is mostly composed of techies.
Usually, we want to compare apples to apples: would Grandma's computer be more secure if she switches from Vista to Linux? (Assuming she can figure out how to get her work done at all on the new OS.)
That is one way of looking at it, however in order to begin an assessment of how secure a system is you need to make a risk assessment. Another way of looking at your example is what is at risk on grandmas computer? How does grandma use her computer? Once those questions are answered then an realistic solution to grandma’s risk can be ascertained. Grandma’s computer doesn’t need the level of security as say a computer used for storing and processing classified information on a DOD network, so Grandma can “get away with†a less secure system. What makes Microsoft so “insecure†is what makes it so marketable....grandma can figure out how to use it and not have to pay some techie to load a new printer.....Security is and should be assessed based on risk. It is a balance between acceptable risk mitigation vs the users ability to do work....Unplug a system, box everything up and store it in a locked room and you have a secure system...that no one can use. A better way to view it is as what was stated in a prior post...what OS can be USED that provides the BEST security (least vulnerabilities) for the given RISK level....And what are the expenses (mitigation costs) in order to make the system usable at an acceptable risk level....Risk mitigation must be viewed in a layered approach...both in the elimination of processing tasks (applications, services, drivers, ect) and hardening those that are needed.....One can not put all the eggs in the OS basket IF security is of greater concern than a home PC....and a home pc does not require a higher level of security offered out side of the current Microsoft systems....so it boils down to personal preference on a home PC,
Hmm, yes, the proverbial grandma... Lets see, my sixty year old mother, a grandma four times over, has been running Linux on her home system for two years now. Her usage consists of email, web browsing, photo scanning, digital photo entry, management and simple editing with Picassa, simple desktop publishing and word processing through OpenOffice, playing grandma type games, Google Earth, and managing her checkbook. She's burned some music CDs but it doesn't really call to her.
I used to say that Linux was as easy for a new user to learn as it was to learn Windows, but it occurred to me that I never had to train her to update her virus scanner, AdAware, Spybot, ZoneAlarm, and Windows each week before running the scanner, AdAware and Spybot, and to tell me when the virus scanner app was getting ready to expire like I did when she was learning Windows. Now I say its easier to teach new users Linux.