Why would a NSA guy even run any AV? Isolate and compartmentalize everything based on the task and its dependencies. You should assume everything you run could be bad or that you are already compromised.
He works for the NSA, but he was on his home computer which is unlikely to stay air-gapped unless he's content with making mspaint art and playing skifree :)
Straight up. They spew forth this stupid reasoning so that the general public will become frightened. Most people don't understand what any AV does, or how it operates anyway. For them to understand compartmentalization based on dependencies is way too far out there. The US government might have granted access as well in another effort to spread fear amongst the uneducated American populus.
Is this reasonable to do with number of softwares even average people use?
There was a person on the docker team, who had dockerized every other applications like chrome, firefox, ALSA sound server, and more. But even she found it hard to sandbox everything.
I'm using docker as a leading sandboxing tech. Do you mean something else when you mean sandbox?
I should warn that Docker was never planned as a security tool. If you read the documentation on Linux containers you will see that they are pretty complicated and therefore can have vulnerabilities.
According to Google they have both, and based on the descriptions they probably follow the same model as the Windows one. That said, it would be kind of ironic if the original comment actually meant, "Use Mac or Linux for sensitive stuff because there's a good chance Kaspersky doesn't exist (or work very well) on them."
