Uuch. It's amazing how some people get off on trying to spread misinformation about things which they have no knowledge of. The only thing your friend said which is accurate is that OS X isn't always secure from threats. Nothing of this nature IS. But what he doesn't understand or neglected to say is HOW OS X might be vulnerable.
I can think of only ONE way right now in which you can cause a potential security risk to your Mac (Trojan). And though this 'one way' can present its self in different types of gift wrappings, the fact still stands that YOU have to give IT permission to exist on your OS.
An example: There's an ILLEGAL copy of iWork 09' floating around on torrent sites and some questionable (ie; see stupid place to download anything from) peer to peer download sites. This copy of iWork is known to harbor a trojan in its package. Upon installing iWork, you have to give it permission to do so, by typing your password.
Once you enter your password for ANYTHING which you're not familiar with in its origins, ALL BETS ARE OFF. And herein lies the inherent security flaws in all versions of Windows. In Windows, unless you are aware of the fact that until you create a limited privileged user account, you'll always be running as administrator. Administrator's in Windows are running as 'root' and any changes they make are global.
Linux, BSD etc.. all require the user to either enter a password for each action which requires admin rights, or to sudo into root for an extended period of time. During that time, the machine is more susceptible to outside influences. But it's still always up to the USER.
This isn't just an OS thing.. it's an uneducated USER thing. Sorry to say but, most average Joe Windows users/consumers, aren't savvy or educated enough (as far as how their OS functions beyond playing games and writing papers etc.. ) to understand this. And ya know what ? I think MS actually encourages this behavior and profits from it.
Think about it. Do you really think that all of the Virus "protection" companies would still be in business if the average consumer knew how to avoid getting trojans or viruses ? Haven't you ever found it kind of ironic about how retail Win machines are either bundled with or are offered with Virus protection software ? It's a HUGE business who's profits are split !
I've personally NEVER EVER used anything but network detection tools and an hardware firewall (ie;router), including my days on Windows. *which was up until Vista* Anti virus protection ? ha !
What I love the most is when I go into a store such as let's say... B&H Photo/Video in Manhattan, a fantastic place to get camera gear.. and in the computer dept, a salesman is trying to convince a potential customer that the only reason Mac's are safe is due to something called "security through obscurity" (that old gag). This is the argument which states that no body cares about Mac's enough to try and write hacks or viruses for them because there's not enough market share for the world to be affected.
I usually listen to the FUD for a bit, and then casually walk over and say that I over heard the conversation and "could I ask a few questions" just to see if I understand what he's saying. "But of course.. ask away !"
That's when I ask him serious technical questions about how security in the "nix" world is handled (of course being pretty much the same for the BSD world etc.. ) and how that relates to Os X security vs. Windows security, plus the whole uneducated Win user thing.. . And ya know what happens then ? Exactly. The customer thanks me and says he's going to the Apple store to get a Mac. Whether they do or not I've no idea, but just for the plain fact that the salesman never has an intelligent, educated retort, let's them know that he's full of crap.
And as you've witnessed with your friend, this mentality is pretty wide spread. I'd go so far as to call it denial, actually. Look, I'm not a Mac/Apple fan boy by any means. In fact, I kind of hate the way Apple conduct themselves in a lot of aspects of their business. But I like to stick to facts. And when I hear things such as what your friend was spewing, I feel compelled to invalidate such nonsense.
If your machine is running slow, you might try running Onyx. It's a free utility which does some maintenance. You WILL enter your password for it to run, as you will do with many other OS X programs. Just know where you're getting your apps/programs from and make sure their check sum hashes are valid if such info is available. If you're not sure of something, Google it.
Doug
P.S. Google "OS X security through obscurity myths" and have fun. Definitely get that coffee...
