@a_yank_lurker Re: Cupertino is ...
"Also, if the vendors follow the basic Unix practice of splitting user accounts from admin accounts that will limit the possible damage."
Remember, with the most popular Linux distributions, then after installation the root account password is the same as the first/main user account password. Consider the following on-screen message from some malware:
"For your security and protection, enter your password to allow operations to continue."
What percentage of 'ordinary' people would enter their password at that point?
How many people who read El Reg have changed their first user password to make it different from the root password? (I haven't and I'm sure you'd all do a double WTF! if you saw that happen because El Reg readers are 'special'.)