Of course there are pros and cons to this position, but just to state a con: anti-virus is usually running with elevated (if not maximum) permissions, tends to load basically any input and once in a while tries to be clever by using self-written interpreters or something along the lines of that.

Using a native AV that does basic heuristic detection is fine and dandy and usually comes with a low performance penalty and requires few rights that other parts of the system do not already have.

Using a non-root user for the daily grind and switching to elevated privileges only if required, running a PiHole (or a software adblocker) and monitoring outgoing traffic using Littlesnitch or LuLu likely comes at a better attack surface/performance/security trade-off, though, AFAIK.

I think the point is that on controlled images like voting machines you shouldn’t be installing anything at all this an anti-virus is unnecessary.

Ah, excuse me. I was not referring to the XKCD at all, I should have been clearer. Agreed, as usual „it depends“.

Most of the countermeasures that are sold (such as AntiVirus software) are pretty much snake oil. The single easiest and most important thing you can do to keep your systems safe is to keep them updated.