That's crap. Truthfully, I don't know enough about OSX or Linux, so, I'll qualify this by saying 'That's Crap In Windows'.
Sure it's *easy* to blame the user....but the truth is that computers are insecure. Maybe that's just an extension of the insecurity in our society, but the fact remains, IT guys and Programmers as a whole have not produced a secure environment for users. Even if the users were willing to learn more about the system they are using.
Visiting a website is enough to compromise a fully patched machine. And it's not just computers, cell phones and portable devices are included. Yes, let's blame the user who was sooooo stupid that they used the web browser on their fancy phone that was sold to them with the explicit intent of being used as a web browser. How dumb they are!
We say things like, 'Well Grandma, just use a different username and password for each site. And make sure each password is secure, letters, digits, punctuation....' What. The. Hell. Seriously?
But that's what we say. Like it's nothing. I have TWENTY SIX different passwords saved in my LastPass vault (that I've had for about 30 days). But it's the *user* that's stupid for not being able to memorize 26 different, complex, passwords? And yes, I know, there are tools to help but where does the typical user find such tools? I've been completely unable to find a guide that would take me from formatting / cleaning the MBR to a fully functional, secure, Windows install that gave step-by-step instructions for things like how to manage passwords, how to handle your backups, how to effortlessly encrypt your files and sync them to the cloud, how to secure your network, how to restrict your default user as much as possible, how to use the admin user to install new stuff, how to not save important files in a gmail, hotmail account because, when hacked, those files are available to the hacker....etc, etc.....At best you get a Windows nagware message saying to 'Install antivirus software' (which is largely ineffective anyway and seriously degrades system performance)
But EVEN if that guide did exist (and if it does, I'd really love a URL) you're still completely dependent on other people being secure. You might say, 'Oh, don't visit "bad" sites and you don't have to worry about the fact that even a fully patched, modern browser is vulnerable to malware' - but you are still depending on every site you do visit (reputable sites) to be secure. And, let's face it, they aren't. Big name companies get hacked. And if someone hacks a website and puts malicious code on the page, now your machine can get infected. It's easy to say, 'Oh, but that *hardly ever* happens' - which is fine, but it can happen.
Now, I'm not an unreasonable guy. I understand that you can never stop a user from *intentionally* running the 'HappyBunnies.avi.exe' file if they want to run it (without crippling his ability to use his computer). I'm not talking about that. I'm talking about everything else. When I visit a website, the website is free to tell my browser how to display stuff. When it manages to get my machine to execute arbitrary code, the system has failed. And it's *not* the user's fault.