(Which does more than just selectively filter javascript domains.) What I do is harden my system as much as possible, by running an ipfw firewall (you can use a graphical front end to it like NoobProof or Waterroof) and little snitch, and using Firefox with the NoScript plug-in rather than Safari. Even on Windows, signature-based virus scanning is not very effective anymore even where viruses are a threat. I don’t actually run an antivirus, viruses per-se aren’t the main malware vector for Macs and they take up a lot of resources. By now, the Mac OS has a large enough market share to be vulnerable.
When I used BeOS, I had “security through obscurity” because the common “teenager hacking software” doesn’t understand BeOS.
I’m the only one who’s touching my own MacBook but just to be safe I did install iAntiVirus and MacScan.