Re: Worth nothing
I still think using Microsoft's AV is the best solution - they already control the OS code so if you can't trust them you're already screwed.
But if your using Win10 (or 7 or 8 with the CEI and added telemetry updates) you've already granted permission to MS and it's selected third-parties to scan and potentially upload the contents of your HDD. So you've effectively agreed to the NSA to spy on you in exactly the same way the US are accusing Kaspersky and the Russian spooks.
Now we can look at the source code of Windows and MS's AV all we want, but as you've already noted it is a meaningless exercise, in part because the hooks necessary to allow eavesdropping by state agencies are already present as they are needed to support the legitimate function of the code.
Unless other companies are significantly faster in updating the signatures I don't see why you'd want to go with a third party for AV software.
Well it is obvious from all the shouting from the US why you should now use Kaspersky! MS AV won't detect the US government malware, whereas Kaspersky will! Which effectively gives us a practical demonstration of security in depth and not relying on a single vendor!
Biting the hand that feeds IT
