
>Microsoft's model was that they'd audit and authenticate the software through the WHQL process. And it turns out that let a really glaring hole through.

Not to let Razer off the hook here, because they're responsible as well, but in doing as you've described here, Microsoft have willingly placed the onus for security on themselves.

>Linux vendors ship all the drivers themselves

Not all of them. Nvidia is a famous exception to this. If you want to install their drivers, I don't know of a Linux distro that will allow you to without root privilege.



To be clear: there are obviously lots of third party Linux drivers out there. But they're delivered, installed and supported by that third party. Security of the NVIDIA driver is NVIDIA's job, and no one is surprised. And as a result, you need to run a tool as the root user and elevate the privilege level yourself to get it installed.

Now, that user experience broadly sucks vs. plugging the same PCIe card into a Windows box and booting it up to get an automatically installed driver. But it's not subject to the same security problems either, which was my point.


There's a difference, though. Microsoft's Windows Update driver installer does not require launching executables, it never has in the past, it simply got the inf and supporting files and put them in the system's driver location. Now they're automatically running executable code that Microsoft isn't verifying as an Administrator. Yes, a malicious driver could be bad, but since drivers have a more finite API surface they should call, they can be audited / restricted with static analysis checks. Launching a userspace app with admin privileges automatically is a bad idea.

Would you be ok with the AMD kernel driver launching a web browser as root on first boot? Or every boot?


WHQL means almost nothing, except that you have an expensive EV code signing certificate to verify your identity to Microsoft. At best it means that your drivers don't completely break the system.


> I don't know of a Linux distro that will allow you to without root privilege.

Sure, but a tonne of them come with them by default these days.



