Since it appeared on slashdot today... [www.theregister.co.uk]
Regarding your question, the article states: "The guidelines establish that to successfully prosecute the author of a tool it needs to be shown that they intended it to be used to commit computer crime".
I think it would be hard to show that the authors of duel-use tools (like wireshark, nmap) intended them to be used to commit a computer crime. You would have a much harder time arguing that a site-specific worm was an academic exercise with no malicious intent.
Granted, this is just for the UK, and it hasn't even passed yet. I don't know how things are in the US. Nevertheless, I would contend that the likelihood of being prosecuted is directly proportional to the 'success' of the virus/worm... i.e. the more people that get pissed off, the more people that will be looking for vengeance. Finding a law that you broke won't be an issue, if it comes to that.
Regarding your question, the article states: "The guidelines establish that to successfully prosecute the author of a tool it needs to be shown that they intended it to be used to commit computer crime".
I think it would be hard to show that the authors of duel-use tools (like wireshark, nmap) intended them to be used to commit a computer crime. You would have a much harder time arguing that a site-specific worm was an academic exercise with no malicious intent.
Granted, this is just for the UK, and it hasn't even passed yet. I don't know how things are in the US. Nevertheless, I would contend that the likelihood of being prosecuted is directly proportional to the 'success' of the virus/worm... i.e. the more people that get pissed off, the more people that will be looking for vengeance. Finding a law that you broke won't be an issue, if it comes to that.