Someone writes "I was reading the interview H D Moore gave about Metasploit 3.0, and I was
surprised by his answer about his point of view: "I do what I can to prevent this from coming to pass in the United States, by donating to the EFF and trying to make a strong case for the usefulness of exploit code. In the US, exploit regulation would kill research and lead to a degrading state of security for all US companies. Vendors patch because exploits are available, without "above ground" exploits that anyone can access, there is no motivation to patch flaws."
What is your opinion?"