Most Linux distros that I have installed in the past two years default to the proper method of disabling everything

This must be a real recent development. A couple of years ago my brother installed Red Hat (which was rapidly gaining popularity at the time - might've been 6 or 7). He called me up to have me walk through locking it down for him. I was appalled at how many services were running by default. Every single one of them (it was the first experience I had with Red Hat since not getting RH4 to install and giving up on it).

The 'more secure by default' argument has always been a sore point with me. Some (most?) Linux zealots (not necessarily advocates, but definitely the zealots) would argue until the end of the world that Linux was more secure by default, even though every service was turned on (I never could figure out what use the single workstation had for BIND anyway).

How secure a system is depends a great amount on the sysadmin of that system. You can have OBSD installed, and with a bad admin, it could be more vulnerable than a stock install of W98. That's just scary. The only way to really, truly have a secure system is to unplug it from the network, turn it off, lock it in a safe, and bury it in a concrete vault 20 feet under the earth. Of course, that just shoots the usability of the system straight to hell.