there's a few different reasons: - its pushed by gov (it gives full access to machines, huge backdoor) - its not actually the worst of its kind, sadly - their threat database is good (ie it will catch stuff) - it lets you look at everything on the machine (not the only one, but, its def. useful) - its big - cant be faulted for "we had it and we got pwned" - yep, sad as well

If operating systems weren't as poop as they are today, this would not be necessary - but here we are. And I bet you major OS manufacturers will not really fix their OSes without ensuring its just a fully walled garden (terrible for devs.. but you'll probably just run a linux vm for dev on top..). Bad intents lead to bad software.