This stuff is fascinating: a trade fair for (lawful) trojans and (lawful) keyloggers. We hate these things.* We fight against such malware constantly. We prosecute those that breaks laws in such a way. Yet there is a deep need, and clearly “legitimate” money involved in both private and public sectors.
I guess it can at least be one way a kid who finds herself on the wrong side of the black/white hat world and gains skills in malware creation/evasion, can eventually grow into a career doing the same thing for “legitimate” reasons. Certainly beats the untrustful world of unlawful crime.
* As a thought exercise, think about how many things happen on a network at home where a parent watches/controls a child’s experience and compare that to how adults fight against such unwanted spying. Also compare against how similar things happen in a corporate environment to maintain security. I’m not saying these are bad, but it is interesting trying to draw philosophical positions to stand upon when looking at the appropriateness or global utility of various security efforts and practices. Ya know?