Yep. But any distro with LSM will let the user confine it and Ubuntu/Mint, the two most popular user distros come with it enabled by default. I'm not really asking for that much, really. Definitely nothing hardware intensive. I'm not really asking for anything as I will be providing this myself in (hopefully) the next 6 months - 1 year. I don't think even an educated user can be blamed (not that this is what you're saying.) We're simply incapable of practical analysis. An antivirus heuristics engine is looking at the code itself, it's checking it against trends in malware, it's incredibly complex. We're amazing beings but we're not designed for that and we're very trusting. Blaming humans for being human is just lazy.