Here's another viewpoint I just thought of. Let's say you're
a big company, like those guys mjr was talking about, and you have
a few thousand PCs and Macs, and you run virus scanners on bootup
and all that. Let's say it costs an hour of somebody's time when you
find a virus, say $50 (that's conservative). Let's say that you spend
an extra $25,000 for the firewall with the cheapo 'try a couple
common tricks and run a stock virus scanner on the output' virus
checker module that works on, say, FTP'd data and you might as well
have it do email too, what the heck.
This thing has to detect 500 viruses at the firewall, or (more
exactly) has to prevent 500 infections, to pay for itself. If you've got
people FTPing Cool Stuff regularly, and having friends email them Cool Stuff,
I expect this wouldn't take all that long.
Reducing the rate of virus infections by 10% is a lot more useful
and interesting than reduing the rate at which breakins occur by 10%,
perhaps one should think differently about the two phenomena.