No, this isn't about lousy detection rate. I think we're pretty much resigned to that, irrespective of the latest fancy marketing terms the industry uses to sell us the same failed concept. This is about the forensic quality, or rather lack thereof, of anti-virus.
An interesting point. I think the reason is that, and the author hints at it with
If your enterprise-grade anti-virus software does any better in forensics than described above...
is that most AV is aimed at home/soho-users.These people just want the threat eliminated and don't care where it came from or when.
BTW one of the commenters says
Shouldn't we refuse any code that the developer doesn't digitally sign so we know where it came from?
Trouble with that is stolen certificates. Microsoft had that happen as did Adobe.
»Emergency Bulletin: Unauthorized Certificate used in "Flame"
»Adobe's code signing certificate has been stolen--
Don't feed trolls--it only makes them grow!