Sorry, but this is by far the worst argument ever. Market share has little to do with it.
I love it when people say, "The only reason Macs don't have Virii is because the market share is too small to care"
First off, no OS is immune I am sure everyone knows this by now. Not going to go into this.
Second, explain why Linux has so few virii ? But, before you answer ... please, make note of the mass number of Linux servers installed in the world. Way more then you think, hell most of Google servers are running it. (Maybe all I dunno)
Now, take that number of virii and compare it to the Windows world. Notice something interesting ?
1. It's "viruses," not virii:
http://en.wikipedia.org/wiki/Plural_of_virus
2. If we're really talking viral code, and not worms, Trojans and other malcode, Linux has a pretty good number these days, they're just mostly in zoos. You can still count the number of wild Linux viruses on your fingers, but the reasons behind this are several-
1. Viral code is *generally* targeted against desktops, typically worms and Trojans are targeted against servers. Since Linux has a higher server install base, it's less likely to be targeted.
2. Linux admins aren't as likely to run completely untrusted binaries as the typical Windows user, so the success rate of Linux viruses is still very low.
3. In terms of targets for virus authors- there are only a few motivating factors:
A. Proving a point.
Most of the competent malcode authors seem to fall into this category, they'll release a PoC to the AV companies to prove how clever they are. That's where you'll see work like the Linux ELF virus samples happening.
B. Spread "fame."
Mostly this is where market share comes in. If you want a "successful" virus, then you want one that has the most likelihood of spreading. Most viral code spreads by e-mail, and most *nix mail clients _do not_ automatically execute attachments. Also, you're not (yet) stuck with a mail client monoculture on *nix.
Now, if you couple that with the fact that it's really a pain to learn a whole new API and flaws in that API, then you'll see what's going on. In fact, if you look back at the Win 3.1 to Win95 time period, you'll see that the number of successful new viruses in the wild dropped pretty significantly for a number of years- until the malcode authors got the Win32 API under their collective belts. Now, market share certainly plays a role in what folks develop for, and I think we see the same thing in terms of malcode that we see in terms of commercial software. Also, if you look at the learning experience for a malcode author, it's almost completely Windows-centric.
Unfortunately, the trend in malcode today is monetary more than it is ego. That means we're going to continue to see significant growth in the targeted malcode arena rather than the traditional generic malcode arena. Target of Choice malcode will be much more damaging, and much less widespread since you sort of lose if AV gets to catch it instead of "winning" if you spread enough to get into a new dat file.
MS Office is as popular as ever, however the AV companies finally figured out Macro viruses a long time ago- and Microsoft hasn't made it any easier to write them (thankfully.) Anyone who remembers the early 90's Macro Virus environment is pretty-much forced to acknowledge that you can have a widespread platform *and* make it safe through bolt-on security rather than core re-engineering- the problem is that the vulnerability surface for Office Macros is limited enough a universe to do that to, where the vulnerability surface of something like OSX is significantly larger.
