I'm completely new to Mac, so forgive my ignorance. I've notice a security feature of OS X that pops up a window when something wants to install or when I try to delete a file from my documents folder. It asks me to type in my password. So, I think, "That's cool! Nothing can install itself without me typing my password. No need for antivirus!" But what's to stop any program/website from just drawing that very window up on the screen and having me ignorantly type in my password? Am I missing something? I'm referring to the possibility of a program FAKING that window and then sending my password somewhere for some other evil software to use against me. And if you're going to suggest I turn my user into a non-admin user, I've tried that on XP before and it was a NIGHTMARE with document permissions, programs installed under whichever user, etc..