I thought any unix-based system was inherently safer than windows merely by the fact admin access is built into both the OS and file system, as opposed to the equivalent of a plastic shell and a polite "do not touch" letter over privileged files Windows uses.
That too, yes, absolutely.
Something that's come to vex me about Win7 privilege escalation: it's not sudo-like, it's su-like. As in, I'm not running an installer as Thad with temporarily-heightened privileges, I'm running it as a completely separate Administrator account.
Which might be okay if the fucking "Run this program now" checkbox was removed from every single goddamn Windows installer in the universe, but since it isn't, I wind up constantly inadvertently setting up programs under the wrong user account.
The basic argument is the one originally posed by Douglas Adams: "The major difference between a thing that might go wrong and a thing that cannot possibly go wrong is that when a thing that cannot possibly go wrong goes wrong it usually turns out to be impossible to get at or repair."
In fairness, he was also the world's biggest Apple fan.
* The ability to monitor, fix, and protect against potential problems is built directly into the kernel, not into a layer slapped over at runtime.
* Not having any closed-off or black box parts of the system makes it easier to find holes and/or monitor what's going on.
Very, VERY true on the iPhone. As for OSX, not sure I buy it -- it IS running on an open-source BSD kernel.
* In terms of support, the people who manage to make money off of *nix generally do so by offering their services, so there's no lack of qualified analysts there.
Apple's actually pretty widely regarded as having some of the better tech support guys out there.
The one argument I would say is valid is that once a hack is enacted in a *nix environment through the most preferred method - social engineering - it's probably easier to pull crap than in a Windows environment, simply because having valid credentials and a working knowledge of the system virtually guarantees that you won't run into any problems that you can't have foreseen, unlike Microsoft's stuff that generally protects itself under a cloud of garbage that even the authorized user is unaware of.
Not entirely sure I've parsed that right.
Situational, of course. Shit like phishing is going to work just as well on Linux as anything, of course (though as you say, a Linux user is simply going to be more wary of them by virtue of automatically being a savvier computer user). Malware executables, on the other hand, are dead in the water; you have to intentionally flag a file as executable before you can execute it in Linux.