The recent news about Macs getting unwanted nastiness has got me thinking and I have a few questions: 1. What's stopping something gaining access to my keychain and therefore every password? 2. When I have (for example) a Flash Update pop-up, how do I know that's what it is and its not downloading something else? 3. From what I understand, a Trojan requires me to click something to allow it to install. Why? Why can't the baddies work around this? 4. Checking a site is "https" - why can't baddies have https websites too? 5. Say I have this Trojan - why should I care? 6. Software update - How do I know that everything in Software Update is legitimate? Could my computer not be 'reconfigured' to download files from elsewhere?