Of course.

But if we're looking at hard facts, the dynamic real world tests from AV comparatives do not feature any free products in the top 5 for year-to-date (Bitdefender,Symantec,F-Secure,Kaspersky,Gdata). The free brigade all lag behind, with Avira at 9th (avast and avg at 11 & 12) position at 97% detected and 3% compromised.... which isn't bad, but is pretty abismal compared to the leaders who consistently run at 99.6%+ detected.

I would much rather have a consistent 0.4% miss rate than a minimum 3% (or more, depending which free product or whether they've reacted in time to some new zero-day threats ) miss rate !

If you look at it in percentages of 365 days...that's just over 1 day a year when the leaders might miss a virus compared to the 11+ days the freebies spend lagging behind ! Or 35 hours a year compared to 263+ hours !

Yes, fine there are some commercials in the lower ranks (Sophos & Mcafee... but then they always had a low reputation in the industry, and we've already agreed on your counter-argument about paying & quality), Symantec & F-Secure are consistently highly ranked along side Kaspersky etc.

With paid products, there is the commercial incentive to continue developing and improving the products on offer.

This is certainly evidenced in your two examples with the improvements Symantec have made, and certainly with Windows 7 being what Vista should have been.

I know you'll probably say.... Ubuntu-this, and Ubuntu-that.... but open source is a different kettle of fish in terms of software develpment approach, and there are also equally many poor quality elements of open source software too. There are also many open source products out there where the developer(s) have lost interest , or there has been in-fighting amongst the developers and the open source product disappeared into oblivion.

Fact of the matter is that proper analysis of threats and development of anti-virus products (particularly the heuristic algorithm elements that enable correct and timely detection of zero-day viruses, and the running of support organisations to assist customers and review new threat samples that get submitted) is a time consuming and expensive process. Freebie providers simply do not have the resources behind them to do this, Symantec have 17,000+ employees and pleanty of cash to throw at it (plus additional advantages such as having bought MessageLabs and hence being in a good position to see zero-day threats appearing in vast volume email streams, and passing the benefit back down the chain to their AV customers), this enables Symantec to run 24x7 labs and invest in significant R&D.

I'm not saying free AV is bad... afterall, some AV is better than no AV. Similarly, just going out there and stating "Why pay when you can do it 'for free'? " is an equally questionable stance.

There is a place for free, and a place for paid elements of computing.... but just rushing in and replacing everything paid with free is a short sighted approach that will end up biting you in the backside.

P.S. Please DO NOT tarnish Norton and Symantec with the same brush !!!! Different products.