[disadvantage]

Malware that has root privileges can do anything. Even reading secrets from RAM. You said you're not an operating system expert, but I am one, of sorts. One strategy I have is having a clean install of an OS that has just the bare minimum amount of software installed, which minimizes the chances of running something malicious. No browsing is done, as the browser is the main vector for infection, no matter how hardened the browser is: it's the main route of infection. I also monitor all my traffic with a firewall so I can disallow any connections I deem as suspicious. I also use ClamAV to do routine sweeps of my system for any 'low hanging fruit' that could be lurking there.