In an interview for SecurityFocus, Robert Lemos chats with one of the creators of MPack, a tool that infects websites so the websites in turn infect those who visit. The full interview appears here, but what I found most interesting was this little tidbit:
"This supposed link with real-life criminals -- I think it's bulls**t. AVers want to make an image showing us like bad guys stealing something from a store, etc. But really, almost none of my friends have any contact with criminals about our work or anything else."Now let's see. In the interview, he admits to creating, modifying, and buying security exploits, he admits to building a tool that uses those exploits to infect websites and download malicious code onto the PCs of innocent folks who visit those sites, and he admits to selling this tool to others, leading to what he describes as "tens of thousands" of infected web pages on the Internet. He even admits that he knows that all of this is illegal. But somehow, despite all of these admissions, he can't connect the dots and see that he and his friends are 'real-life criminals'. I'm sure a psychiatrist or a judge would have a field day with this guy; all I can do is shake my head and say go figure.
Perhaps this definition from Encarta will help clue him in:
criminal - somebody acting illegally: somebody who has committed a crime.