I switched to Mac last year, and it's mostly been a good experience. However, one of the things that really bugs the snot out of me is that nearly every application you download and install wants to be put in the /Applications folder. This by itself wouldn't be a problem except Apple makes you authenticate to elevated privileged to put anything in there.
A lot of apps you simply drag them to the /Applications folder (which is included as a shortcut/symlink in the image you download), but many apps use an Installer.
Having to authenticate to install an app is the normal mode of operation on Mac. So your average everyday mac user is just going to click OK and authenticate without thinking twice anytime that authentication dialog pops up. The dialog could say, "This application needs to authenticate in order to convert the bytes on your drive to 0x0", and people would still click "Authenticate" and happily type in their password.
It would be simple to write a trojan that mimics the installer app, reporting back the user's password or installing a key logger.