So how bad is it really OS vulnerabilities spyware etc?
I just ran a spyware scan for the first time in 5 months... I had tracking cookies up the wazoo (expected) msn adobe paypal realmedia use tracking cookies, but no spyware. I have no active spyware protection I run Windows XP Pro that I have automatic updates turned on.
I surf all over the net for hours at a time probably look at 100 different new web sites a day sometimes more no problems.
What I don't do:
Social networking MySpace Facebook etc...
Cutsy free apps like weatherbug or free smileys or trick cursors, wallpaper, calendars, and downloaders, password caches etc.... "Freeware" isn't always free do research on any program you download.
I don't open unexpected file attachments or surf to web links passed to me in emails especially if they come from "my bank" "paypal" or "e-Bay". I use Outlook 2003's built in spam filter and average 2 or 3 pieces of spam a day. If I do want to explore suspect links or websites I do it from a virtual machine that I can throw away if it gets munged up. I have a good idea what I am getting into when I do go to dodgy sites professional curiosity being what it is.
I do use a bittorrent client but mainly to download software with the occasional movie or TV show.
I use IE 7.0 mostly although I have modified it to report as google bot and some SSL protected web sites refuse to let me in so I switch to FireFox, that isn't a failing of IE just silly "security" programming some web guru thought they should include on those web sites. My security settings on IE are set not to run unsigned activeX and to prompt for any other activeX. I use Sun's Java virtual machine.
On the other hand I have seen some nasty machines in my job with thousands of pieces of spyware and viruses. Heh you have to know where they have been.
The best defense against spyware and viruses is your brain use it!