Most malware is written for Windows, especially when it’s distributed as a Windows executable. (Almost) no Windows malware targets Wine specifically. However, Wine on its own is not a sandboxing tool, and Windows ransomware will ruin your day.
Bottles does two things for security:
- Separate wineprefixes
- Being a flatpak
By separating wineprefixes, as long as the host filesystem is not directly exposed (which iirc is default for bottles), any malware not written with Wine in mind will only affect its own “bottle”.
By being a flatpak, even if some Windows malware specifically targets Wine, it would still have to escape the flatpak sandbox for elevated permissions. If the bottles flatpak has no access to personal files, “Wine-aware” malware won’t either.
Although malware can still do damage, even in its own sandbox. For example, botnet type malware would still function. The host system is “safe”, but the damage can still be done externally. Usually application-defined “autostarting” of applications is broken under Wine (iirc), which means all non “Wine-aware” malware will only start when an infected windows application is started in bottles.
Any sandbox will eventually be escaped, and malware sophisticated enough will be able to get access to everything on the host system. The chances of running into malware like this in the wild are extremely small.
- Is it fully secure? No.
- Is your virtual Windows environment safe? No.
- Are other “bottles” safe? Likely, as long as the malware isn’t aware of Wine.
- Is your Linux host safe? Most likely, depending on your flatpak settings. (and the malware has to specifically target Wine under Flatpak).
And the reason you mentioned Ubuntu is “finicky” was explained above. It is not a good “just works” distro, there’s much better options than Ubuntu.
It used to be (one of) the best “just works” distros, but is somehow one of the worst now. Outdated blogposts still recommend it, and Canonical still calls themselves the “most used” desktop distro. The alternatives are just better.
Although Unity and Epic are not related (other than both being companies that make a game engine), and Epic is not related to these Unity pricing changes, Epic has still done a lot of things “wrong”. Especially for gaming on Linux. A lot of games that are currently unplayable under Linux is due to kernel-level (rootkit) anti-cheats. Being the creators of EAC, Epic has actively been harming the compatibility of games on Linux. Developers “can enable Proton support”, but even Epic themselves in many of their own titles don’t enable this.
They haven’t pissed off the larger gaming industry to the point where everybody is moving off their platform/products, but they are still a greedy corporation. Remember the whole exclusives thing on the epic games store?
Steam Link doesn’t work on Linux. SteamVR, ALVR, WiVRN, and Monado work under Linux.There’s more headsets than the Quest.