Having managed just about every OS I have learned to see it a little differently. Rather just about every OS can be hardened to the point of being secure but each OS and each iteration of said OS will have different default kernel compile options, admin configurable settings, kernel tuned settings that vary the amount of "friction" the end user is meant to experience. Even Windows NT had more security controls than Linux and BSD combined mostly pilfered from VMS but the defaults were opened up to minimize friction for businesses. Windows XP, Linux, MacOS reduced friction even further to improve adoption by developers and end users alike, to a fault. Not just security but also memory management behavior. Windows Linux and Mac allow over-committing memory by default to improve adoption by people early in their development career. So I guess what I am trying to say is that people have decided they will trade in friction for usability and thus has resulted in a myriad of gaping holes by design. Each OS have tools to harden them as far as one wishes to go. The BSD community have accepted that they will endure a little more friction by default and I can respect that.