So, in contrast to default Linux distributions, a root kit cannot replace system files (a common trick that root kits apply is to replace system files to preserve itself during reboots and to hide the root kit, e.g. by hiding it from 'ps' output).
Moreover, macOS only loads signed kernel extensions, so it is not possible for a root kit to inject itself as a loadable kernel module. I think the same is true for Windows, but I am not familiar enough with Windows.
I am also not worried about government agencies having unfettered access to my machine as a default setting.
You are throwing two things one one heap now: (1) having a backdoor and (2) sending out usage data.
If you believe that there is a difference between Linux, macOS, or Windows when it comes to (1), this is utterly naive. Linux distributions have a large number of package maintainers and upstream projects. You cannot be certain that none of these ten thousands of people is compromised and inserts a subtle backdoor. And even if you are certain about this, it's likely that government actors have a collection of exploitable remote and local exploits.
When it comes to sending out data, such as usage data, use an app firewall. E.g. with a program like Little Snitch, it is easy to configure which program can contact what server in the outside world.
Ps. Linux has the potential to be very secure. A lot of the technology is there (e.g. Wayland and SELinux). The problem is that the Linux community is too conservative and/or believes in the myth that Linux is already secure.
I think that you are underestimating the use of the Mac App store. Many applications are only available in the app store, just to give some examples of popular Mac Apps: Pixelmator, Affinity Designer, OneDrive, Pages, Numbers, Keynote, iMovie, Garage Band, Tweetbot, and Airmail. Then there are many Apps that can be purchased both through the Mac App Store or from the vendor, such as Omni{Graffle,Focus,Outliner}, Fantastical, 1Password, Photoshop Elements.
The majority of apps that I install come from the App Store.
Moreover, some vendors also sandbox non-app store apps. E.g. Chrome tabs, Photos, or Safari tabs.
Windows provides UI isolation between privilege levels:
https://msdn.microsoft.com/en-us/library/bb625963.aspx
As compared to Windows or Mac where apps are sandboxed by default?
As the sibling commenter mentions. Mac App Store applications are required to be sandboxed:
https://developer.apple.com/library/content/documentation/Se...
The same applies for Windows Store apps.
Windows has rootkits as does Mac.
Mac has system integrity protection (SIP). Even as root, you cannot replace system files (unless you disable SIP):
https://support.apple.com/en-us/HT204899
So, in contrast to default Linux distributions, a root kit cannot replace system files (a common trick that root kits apply is to replace system files to preserve itself during reboots and to hide the root kit, e.g. by hiding it from 'ps' output).
Moreover, macOS only loads signed kernel extensions, so it is not possible for a root kit to inject itself as a loadable kernel module. I think the same is true for Windows, but I am not familiar enough with Windows.
I am also not worried about government agencies having unfettered access to my machine as a default setting.
You are throwing two things one one heap now: (1) having a backdoor and (2) sending out usage data.
If you believe that there is a difference between Linux, macOS, or Windows when it comes to (1), this is utterly naive. Linux distributions have a large number of package maintainers and upstream projects. You cannot be certain that none of these ten thousands of people is compromised and inserts a subtle backdoor. And even if you are certain about this, it's likely that government actors have a collection of exploitable remote and local exploits.
When it comes to sending out data, such as usage data, use an app firewall. E.g. with a program like Little Snitch, it is easy to configure which program can contact what server in the outside world.
Ps. Linux has the potential to be very secure. A lot of the technology is there (e.g. Wayland and SELinux). The problem is that the Linux community is too conservative and/or believes in the myth that Linux is already secure.