@sour @hakan_geijer Absolutely! Security focused live systems are neat for some throwaway work, just do recognize that if the hardware is tampered with, it's hard for the OS to defend against that.
But most attacks that work well against Linux but not so against modern Windows/macOS are attacks targeting the installed OS. With a live system you circumvent that. In theory, you can harden a Linux to a similar degree as Windows BitLocker (i.e., measuring Secure Boot state + long password or fido2 stick, using
signed UKIs, etc.) or perhaps even more than that, but it's not the default and requires quite some knowledge.