[BitMastro]

I agree in general with all your point, apart from 4 and 5.

Malware in linux repositories is "practically" impossible. Software is most of the times peer reviewed and patched in different ways by different distros. And if a particular software becomes more popular it also comes under scrutiny by more people that want to change the source to add their own features. All the packages are checksummed and repositories have cryptographic keys to establish authenticity.

Of course bugs and security vulnerabilities exist, but the same applies to other OSes as well. And I do understand that UAC is obnoxious for users, but they didn't care about creating problems for legitimate users with the no-ip case since it was posing danger.

That android report makes two assumption: a very wide definition or malware (also installing java should be considered a malware because toolbar), and the fact that a malware doesn't usually last more than a day before being removed automatically.