[citation][nom]manjyomethunder[/nom]No sir, I believe you are -naive- if you actually buy into Apple's bullshit marketing campaigns. One does not have security through obscurity. Just because it doesn't get viruses now, doesn't mean it can't.By the way, an overwhelming majority of problems with Windows based computers are caused by both trojans and scareware, not "viruses". It's user error and stupidity. Says a lot about you if you have problems, doesn't it?Oh, and my computer doesn't look like someone pissed on the bottom of the display. Have fun with your iMac.[/citation]
Though there have been several POC viruses developed for Mac OS X, not a single one has ever been found in the wild. Trojans have appeared in limited numbers, but the only significant one found was embedded in a hacked copy of iLife '09 and iWork '09 distributed on illegal sharing sites (they got what they deserved fore stealing in my opinion).
Next, you CAN run AV on a Mac, it;s simply not required for anyone wh's even a tiny bit careful. Permission escalation is virtually impossible in a UNIX environment without user interaction, usually incolving typing a password (not simply clicking OK to a prompt), and even then Kernel access is still restricted. You have to a) get directed to a custom web site, b) have a known unpatched vuln, c) in most cases respond to a prompt, and even then all they gain is control at least until the sesion ends. installing apps is not possible through that interface, and the OS enforces app presence notification for all non-kernel apps and drivers, so even if you GOT a virus, it would have to show up in your active app tray! A bot? yes it;s possible, but only through a user actually manually installing an app that happens to already be infected. Don't get apps from illigitimate sources, and you can't get a bot, trojan, worm, or virus on OS X. Use AV on top, and you can't get viruses from media and general files either.
Security through Obscurity? no, its Security through hardening and best practice, and non-access to non-root users and services, and proper kernel level authentication, combined with memory sandboxing, app segregation, and coding rules that have to be followed to be allowed to run at all.
to those who say you can equally or better secure a PC with the right skills, i call BULLSHIT. I have a network here with 2,000+ IT staff, over 3,500 servers, several mainframes, and near a dozen other platforms. We are hardened to DOD standards and higher, using the latest OS and current patches, behind a 3 tier network architecture and strict permission structures, inline packet instection systems, firewalls, and a dozen apps that look for illicit activity, and we have whole teams of people who do nothing but lock systems down as their full time job, and scan them continually for vulns and infections (to the great compaint of app areas and customers), and we still get viruses, regularly, if not daily (and that's just the SERVERS). Penetration to a data set or user list? never once, but DMZ and edge servers are going down continually, and app servers are compromized on a regualr basis, and infected files are found in file system scans every time they're run.