Of course, the kernel drivers are now commonly signed. The real problem is catering to manufacturers demanding to have their own bespoke driver pack, often including some stupid branded management application, when it’s just the same as the other dozen manufacturers packaging of the same product. Then you end up with bloated “driver packs” and a system tray of a half dozen vendors screaming for you to pay attention to them and know that they are somehow contributing to your experience.
In Linux, you have a kernel driver and a myriad of vendor’s pci ids mixed together and the vendors just have to deal with it. As a side effect, a USB to serial dongle is about 99% likely to work in Linux, and in my experience 90% unlikely to work in Windows (can’t find the driver for it, or in one very prominent case Microsoft bans drivers of counterfeit chips that function fine, but violate IP rights). Punishing the counterfeiters may have been understandable, but ultimately the unwitting customers paid rather than the counterfeiters (they still sold their devices, but the users that were oblivious suffered).