cosmic: The hardware architecture makes little difference, however, it is the operating system and any software what accesses or services the Internet that has to be totally secure to protect the computer.
In considering protection, you should not only worry about viruses and malware, but also resistance to hacking. Developing your own operating system and applications that present your own unique API is probably going to be provide the most secure system if you get it right. This will remove all the well known weaknesses that give Windows its ongoing Internet and virus frailty. You will have to develop your own HTML, Java, and even flash and PDF processors that do not allow access to anything other than the display and sound outputs. It will mean that you cannot use an standard anti-virus or anti-malware packages as these will be available only for popular operating systems.
I have a very elementary Windows 98 web server that I fire up to allow friends to view holiday photos or FTP specific data file to or from the server. This has an unusual approach to infection control. The whole Win98 system is held as a compressed disk image in a Linux filesystem. This image is unpacked and loaded into RAM as a memory disk and then the Win98 boot sequence begins. Since this version of Windows runs on top of DOS, the first stage is to load DOS and execute autoexec.bat. This runs a small program that shuts down the hard drive, after which Win98 itself boots itself.
If the system gets any infection, this is removed when the system is shut down or reboots. For any infection to penetrate the defences and permanently infect the system then it has to restart the hard disk drive, attach the disk to the Win98 (as neither the BIOS nor Win98 understand the drive and Win98 does not even know about the drive). Then it has to be able to access the compressed image on the HDD then mount the image of the Win98 filesystem, find any specific files to infect, then reverse the steps to save the updated compressed image. Currently there are no infections known to be able to create a permanent infection to the system.
There are many ways to make systems secure. Some are more practical and effective than others.
Well I see the thumbs down personnel are with us again tonight, so let`s see how many I can get, my previous record is 11 by the way, and I probably deserved it.
You cannot make an Internet connected device immune to attack from anyone that knows how to do that with a more up to date malware than your protection knows about or does not use heuristics.
So it is likely to be not possible at this stage in time whatever the cost.
What you can do at present is to back up all your data every few hours to another external drive and keep a rolling log for data changes between those times so that that data can be re entered manually after the first back up is reloaded.
Then do a weekly back up to a storage device to be taken off site to a secure place from where it can be reloaded as there are other things to worry about such as fire flood and mechanical damage to take into consideration;
I spent the last few years of my career doing this sort of thing and if you can think of an easier way to protect data then you will become famous and rich, rich is OK, famous is not really.
Nothing. Malware is software that has some malicious purpose – hence the name. Users install malware. It would cost nothing to stop users from installing malware. If the computer is not running Windows then it will not be troubled by viruses.
$0. Disconnect from the Internet.
Outside of that, it's not possible. With so many millions of lines of code, there will always be a bug/exploit etc in any OS.
Totally free! Install Linux instead of Windows. Job done!