by wernercd 3242 days ago
While the tools, methods and knowledge might be similar or the same... to say "the thinnest of lines between the two" exists is a bit disingenuous.

There is a MASSIVE difference between researching security holes... and then selling the exploits for those security holes or tools that use said security holes.

Again... if the chatter here is accurate, he's not being "arrested" for research... he's being arrested for tools created and sold with the knowledge gained by said research.

There's a difference between discovering a hole in a bank's security... and robbing a bank using that hole.

Massive difference.

1 comments

What if it turns out that his "co-conspirator" stole and sold his PoC malware? We're talking about thieves and fraudsters after all so this doesn't seem like it is outside of the realm of possibility. The only proof to the contrary would be if Hutchins profited from the sale of the malware.

Writing malware should not, in and of itself, be a crime. Security researchers need to create proof of concept programs in order to do their jobs. I don't think that he should get off scot-free because someone else handled the actual marketing, sales, etc. but if he didn't gain anything from those sales, or fraud perpetrated in connection with the malware, then - having been arrested and indicted and such - he is just as much a victim as those who were infected.

To use your bank analogy, he found a hole in the bank's security. Someone took knowledge of that hole and sold it to some bank robbers who went on to rob the bank. The seller of that information says that he got it from Hutchins. Unless Hutchins got a cut of the sale, did he do anything illegal? Is there anything really connecting him to the robbery other than evidence that he knew about the hole first and the word of the hole seller?

Then he'll have an extremely strong defense at trial, and the DOJ will be wasting its time. Which is why it's a little bit unlikely that that's what happened.

There's evidence he knew of Kronos in the wild on his Twitter feed. Why wouldn't he alert someone that his research proof of concept had been leaked? Provided the source code to LEA.