Symantec's Hall says free antivirus is for chumps
"People tell me, 'oh well look I use free antivirus because it is free and it protects me from everything in those areas,' but when you compare that with what's really going on in the threat landscape, there is a very, very big gap between what antivirus does and the threats that are being delivered today."
He later continues, "[...] attackers are not necessarily only targeting the web browser. Think about all the plug-ins you have installed on your machine – RealPlayer, Flash, QuickTime – all of these have vulnerabilities too."
Yes, the threats we face on the Internet have changed over the years and In some respects, Hall is correct.
Like many of you, I no longer rely only on AV software. It's a starting point in keeping my systems protected. I also use a firewall, OpenDNS or a hosts file blocker, and browser addons like NoScript and NoFlash. For added protection, I'll use Sandboxie (and sometimes Windows SteadyState). All of these tools are totally free, and they've been doing the job quite nicely on my home systems.
Hall's quotes do help explain why I've seen several machines on my workbench running only Symantec's own Norton Antivirus that have fallen victim to drive-by attacks. Yes, Symantec, even users running your AV protection aren't totally safe. And it's not free. They paid for it.
In fact, they're still paying for it.
See what I did there?