Linux isn't really more secure than Windows. It's really more a matter of scope than anything. No matter what malware, exploits, and bad users exist EVERYWHERE. One being more secure than the other is nothing more than anecdotal evidence.

Malware exists for *nix, Mac, Windows, Android, iOS, Symbian, Xbox(yes), hard drives, and bios.

No operating system is more secure than any other, the difference is in the number of attacks and scope of attacks. As a point you should look at the number of viruses for Linux and for Windows. You'll see a trend in that Windows has FAR more viruses for it than Linux does and that's purely because it's more lucrative to hack for Windows since you have a greater chance of getting the thing you want. For all we know there might be a critical flaw in Linux that would open the world to pain if discovered. It hasn't been yet, but it could be there.

Really however OS security comes down to usage, habits, behaviour, and users just as much as it does software, hardware, security, and passwords. Your computer can be safe in an infected network as long as you do the following:

Constantly ask yourself "How do I keep MY computer safe?"

Really all you can ever do is work to keep your computer safe. That includes most notably safe computing habits. You could run for years without anti virus* and never get a virus as long as you're safe and you keep your computer safe. I'd still run an anti virus though since you could be safe all you want and make a single mistake.

After all those big data breaches you often hear about aren't usually on computers, but servers running special software, and it's the software itself that gets attacked and exploited to extract the data. What this means is that your computer is as safe as you make it. They didn't make theirs very safe.

Of course even if you make that software as secure as possible, it's all meaningless if someone manages to steal your credentials. In most data breaches an administrator gets phished, and their credentials are used to log in and steal the data. Here you can see that it didn't matter that the computer was safe since the user was attacked.

This really shows that there are two parts to security: The security of others (never trusted) and the security of yourself (only as good as you make it). To that end we all just try to make sure that the security of ourselves is as good as it can be. Herd immunity doesn't really apply to computer, so we have to keep them safe through our habits, usage, software we put on there, and making sure not to let in anything bad.

The world's most secure computer is turned off, not connected to anything, buried six feet underground, and destroyed.

Notes: *: Note the same as no security!

According to who? According to NCSC (the Dutch center for cyber security) for instance, TLS 1.2 is still considered "good", but it does go on to specify which cipher suites and specific configuration options are still considered "good".

This is kind of the problem with TLS 1.2: it has become a hodgepodge of different algorithms, key agreement schemes, certificate status, signature formats, bulk ciphers, hash algorithms and whatnot. So specifying that TLS 1.2 is good enough is basically hiding all the problems that are associated with it. TLS 1.2 is as good as the options that are chosen, and making sure that all the configuration / implementation pitfalls are avoided.

TLS 1.3 has been defined to strip most if not all of these problems away, and be build upon the best practices for popular encryption algorithms. It is both very similar to TLS 1.2 and different path from 1.2 in that sense. We've come a long way, and it is likely that TLS 1.3 will be more secure for longer than TLS 1.2 in a generic sense.

Is TLS 1.3 perfect? No, problems have and will be found. But it is generally more secure, more performant it has certainly a lot fewer options compared to TLS 1.2 that are certainly not secure or that are likely to become security issues in the future. There are still things like the mentioned 0-RTT and PSK that are relatively dangerous to use. In that sense TLS 1.3 in itself is not a secure solution all by itself either; specific usage scenarios still have to be considered.

That all said, it is certainly possible to configure TLS 1.2 in such a way that the protocol is still considered secure, or at least not broken fundamentally. So in that sense I suppose you could argue that there is no pressing need to move to TLS 1.3, as long as your choices for TLS 1.2 are considered sound.

Do note that this also kind of assumes that the inherent complexity of TLS 1.2 is not a problem in itself, and that's certainly debatable as well.

MD5 and SHA-1 are emphatically poor choices for storing passwords. The problem is not their collision-resistance; it's that they're designed to be extremely fast. A modern GPU can attempt upwards of billions of passwords per second when brute-forcing through a list of hashes. This can shred through every possible eight-character alphanumeric password in at most a few days; that's with just one GPU.

The advantage of bcrypt and scrypt is that they can consume arbitrarily many resources; bcrypt has configurable CPU requirements, scrypt has configurable CPU and memory requirements. By increasing these work factors, you can dramatically increase the amount of effort it takes an attacker to attempt even a single password in your database.

As to the length: it's 2014. Storage is essentially infinitely cheap. Saving 40 bytes per record is simply not an acceptable excuse for selecting known-poor password hashing algorithms. In whatever project you're working on, surely there are more worthwhile tasks to spend your limited development resources on than this.

AES is deemed secure because:

• Its building blocks and design principles are fully specified.
• It was selected as part of an open competition.
• It has sustained 15 years of attempted cryptanalysis from many smart people, in a high-exposure situation, and it came out relatively unscathed.

Another reason, which is not as good but felt important by many people:

• It was designed by non-American cryptographers.

In asymmetric cryptography we often (try to) reduce security to a "known hard problem", a luxury which is not often encountered in symmetric cryptography, but this does not change the conceptual root of the issue: at some level, there is some "problem" for which no efficient solving algorithm is known, despite decades of research. It is not proven that the problem is necessarily hard, or even that there can exist such as thing as a necessarily hard problem, but we are just stumped when it comes to finding a solving algorithm. With AES, the "hard problem" happens to be the AES itself.

I agree with @KanekiDev and would like to highlight that #1 holds even now, let alone in the near future.

According to ArsTechnica, a single person using equipment worth less than 30,000 dollars managed to recover 85% of the passwords leaked in the Linkedin breach in a day. We are talking about millions of SHA-1 hashed passwords found in a single day.

Using a single Sagitta HPC Brutalis packed with eight Nvidia GTX Titan X graphics cards, I managed to recover 85 percent of the passwords on the first day, despite the fact that I was cracking so many passwords so quickly that the whole system slowed to a crawl.

Working with the rest of the Hashcat development team, we managed to reach 88 percent by the end of the third day, and we crossed the 90-percent threshold on the fourth day. This all happened a full two days faster than when working with the first LinkedIn dump, which contained only a small fraction of the number of hashes. On the sixth day, we teamed up with rival password cracking team CynoSure Prime to close out the effort at a solid 98 percent, cracking a total of 173.7 million passwords.

Source

If you think that only researchers can afford that hardware, you're wrong. Think about a team of crackers spending 30,000 dollars on that setup just for finding these passwords. In a week, they find 100 million passwords, which they can sell for $0.01 each. 100 million passwords * $0.01/password= 1 million dollars. That's a pretty good ROI (return on investment), isn't it?

You may say that those were weak passwords. That's probably true, but as @Matthew pointed out,

Unfortunately, most users do pick weak passwords which will appear in dictionaries, so this is a viable attack method.