[deftnerd]

I get that you're trying to say that Ransomware is a kind of evolutionary pressure to force IT ecosystems to adapt and improve, but that's far from saying it should be legal.

It's like trying to justify armed robbery as a method of convincing people to take self defense lessons, or burglary as a method to get people to upgrade their windows to lexan.

The middle ground, which is always a bit in flux, does already exist. It's known as Bug/Security bounties, similar to what HackerOne tries to make above-board.