Debian as a server gets security updates, but the packages for desktop remain old, feature robbed and vulnerable. Default Web browser is passing on manifest v3 which enhances security. Linux isn’t going TPM2 (yet) which prevents rootkits, bootkits, keyloggers, and malware. Linux doesn’t enforce security updates. Anyone that thinks Linux doesn’t have frequent security problems hasn’t done a web search on the topic. All operating systems have issues, -Desktop Linux deliberately so.
Well, duh, it’s like reading the fire is hot, then burning yourself touching it, and complaining about it. Why’d you use Debian on a desktop anyways? You can technically use snap/flatpak/appimage/nix/guix/etc to get newer packages, tho. Not sure why, but still.
Also,
Boot/rootkits – maybe, depending on the setup. Keyloggers and malware – how exactly? The only thing it creates is a chain of trust, and it so happens that most malware, including keyloggers, works in user-space (albeit preferably with elevated privileges). Besides, if you want max security, you want heads + qubes anyway.
It makes rather solid platform for your daily work. You have few select apps that receive frequent updates such as browser, but for the most part the system stays the same for the 2 years you sit on the latest stable version. You don’t get new problems really after sorting out the initial ones
I guess it makes sense, but I personally prefer the nixos approach where you can mix and match any stable and unstable packages (and not only gui apps like that with flatpak), or pin a particular unstable version of a package, or rollback to the previous known-working state. Using Debian on a desktop just feels like fighting against the model of the distro, and it’s not exactly what I personally want to to.
Honestly, distro choice is really just what you know
Then you can do whatever you want with it. I’ve been using debian for some years, and Ubuntu before that, so I’m confident on what I work with and that’s the biggest deal maker