Props to those guys beating Apple at this.
As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.
Apple, you need to tighten up here.
I'm surprised you're getting so much hate for this simple statement of fact. Microsoft has had a huge historical problem with malware (including viruses etc), and it took them some time to respond effectively to it; it wasn't until NT that Windows started to get a half-decent security model, but even then they struggled a lot with legacy bad code and was forced to maintain running patches while business was forced to accept Microsoft's apologies and assurances that this time around, they had fixed all the issues. It took a complete rewrite with Vista, as bad as it was implemented at first, to get decent security, arguably by security experts better than Apple's. As a direct result of the constant barrage of attacks on their OS, they HAVE built up a good security response unit and hired various security experts to try and get on the top of it as it was damaging their reputation badly. Apple hasn't had the same problems with OSX before, although the Classic MacOS was as insecure as Windows 3/95/98/ME. There are signs they have been taking potential malware more seriously for a while now, having made some prominent hires and implemented some serious security measures into OSX 10.5 up, all incomplete but by each iteration getting better, and Lion looks to have beefed it up even more, finishing what was started in Snow Lion. A proper integrated anti-malware/trojan/virus is the last link, having done what appears to be a thorough job on securing the system, even if hackers might still find weaknesses in new software, most likely through web-facing programs like Quicktime and Safari, but Webkit2's integration of sandboxing will make this very difficult.
The weakest link will always be the user, and as you seek to make a consumer OS for non-techy users, you have to expect a lot of people with poor safety knowledge, people who barely know how to use a computer, people who are easily scammed believing and clicking any popup they see. At least, on OSX, they usually have to actively type a password rather than just clicking a button to install which does give a chance to make people stop and think, but for a good scam/trojan that is not a barrier. On both Windows and OSX, trojans and malware are the current trend, as both systems are locked down harder against conventional viral and hacker attacks.
In the end, every system has to allow a user to install the software they want to, even when they ignore advice and warnings. There are also no lack of people who know enough to be dangerous deliberately seeking out pirate copies of expensive software, especially MS Office and Adobe products, who take a chance from seedy sites and bittorrents from unknown sources. Without an integrated antivirus/malware tool, there is little those people can do to check, and even then they may be at the forefront of a new variant or attack.
There is no question that Windows 7 is by far the best OS and most secure that Ms has produced, there is no point in the naysayers attacking you or anyone else on that point. Similarly, their integrated Security Essentials tools has proved very effective, scoring well in comparisons with more complete security suites from various online reviews. It is not a bad idea for Apple to integrate something similar, which they seem to be doing gradually starting with Snow Leopard. Turning on an outbound firewall would also help, or at least provide a good front end for the existing very good IPFW which is active along with the Applications firewall, but has no rules set up. IPFW is an old-school BSD firewall, but hasn't had a good frontend and not as simple to administer as the Applications firewall. Maybe with the integration of Server in Lion, we will get one., I haven;t heard mention of it. But in the end of theday, it is a priority of Apple to balance security with user friendliness, if things stop working because of a firewall, people will blame the OS and Apple. At least providing the tools and some user education on first run would be a good idea. Alternatively, Apple could do worse than implement something like Little Snitch, perhaps by acquiring it and integrate it.
