Okay sure I agree that my parents shouldn’t turn off SIP, not that they would know how to. But in this case the advice comes from Allan Odgaard, the author of TextMate, on a blog called SIGPIPE. A certain amount of technical expertise can be assumed from the audience.
I know we like to think we are all unique and invulnerable to these attacks, but technical people still manage to download dodgy software out in the wild.
Plus, some categories of technical users like sysadmins are probably the worst possible people to disable SIP because even though the probability of attack is much lower, the potential impact is orders of magnitude higher.
I always ignore spam text messages, but got a phishing attack message made to look like a USPS update about 2 months ago. They almost fooled me because I had a legitimate package that was missing. I clicked the link, and even entered my email address in the landing page form and was about to enter credit card details for a $2 ‘redelivery’ charge - which I was also primed for because I’d recently paid USPS a similar amount to redirect my mail after moving.
I was creating a one-time use virtual card to make the payment when my thoughts caught up with me and I realized it wasn’t a legitimate page.
Ergo using Linux is irresponsible? It’s the double-think I have a problem with.
Either 1) we say that Mac-using developers are stupider than Linux-using developers, and it’s irresponsible for Mac-using developers specifically to turn it off.
Or 2) we say that Linux is “horribly” insecure and it’s irresponsible for developers to use Linux whatsoever and they should go out and buy a Mac immediately to save themselves.
Or 3) we say that Mac-using developers are not stupider than Linux-using developers and it’s fine to turn it off if they want.
> I know we like to think we are all unique and invulnerable to these attacks, but technical people still manage to download dodgy software out in the wild.
Good old Apple, slowing my(?) computer down daily to protect me from myself.
Does anyone tally attacks by type? I suspect most successful attacks against sysadmins are via social engineering/XSS/token stealing on their perfectly uncompromised machines rather than malware.