NK: No. What I showed is that, through writing analysis, Nils watched Wirepair for six months to a year. As soon as Wirepair would put out any good exploit, [Nils] would take that code and immediately put it into his code. As for what Wirepair did, he was putting out fully functioning exploits. Some of them are active scanners. I wouldn’t say he wrote something for a virus. But someone else took his code and put it in. So what he put out was an attractive nuisance.
IW: There’s nothing illegal about releasing exploit code, though, is there?
NK: As for the legality, I’m not a lawyer. I can’t tell you whether it’s legal or not. One interpretation would be that it’s like laying a handgun outside a house. You’re not responsible for shooting anyone, but it also falls under full disclosure. He’s giving a working proof of concept.