Comment by neilv

Legal questions...

In browser plugins and mobile apps (and maybe WordPress plugins?), it's pretty well known that malware attackers buying those is a frequent thing, and a serious threat. So:

1. So is there an argument to be made that a developer/publisher/marketplace selling such software, after it has established a reputation and an installed base, may have an obligation to make some level of effort not to sell out their users to malware/criminals?

2. Do we already have some parties developing software with the intention of selling it to malware/criminals, planning that selling it will insulate them from being considered a co-conspirator or accessory?