Ugh, maybe on this computer my replies will show up with my user account (I don't mind a bit of bad karma every now and then, and I think it is hard to have an actual discussion with an AC post). Anyway..
Didn't your parents ever ask you rhetorical questions like "if your friends all jumped off a bridge, does that mean you should do it too?" or tell you "the ends do not justify the means" when you were a kid?
I think this is more akin to "an eye for an eye makes the whole world blind". But obviously, just because something is a catchy statement, that doesn't mean it's good advice.
If other people are attacking you, should you lay down all your weapons and hope they do the same? Maybe, but it's not a cut and dry situation like you make it out to be. I agree that in an ideal world, no one would exploit anyone, and all of our software would be bug free. But it seems naive to base our actions off of that world view when it is not the case. Is fighting and war bad? Yes. But I don't think a Ghandi approach will work in all situations, and sometimes fighting back is necessary. (That doesn't mean all cases, of course.)
Hacking without responsible disclosure is always unethical, and what others choose to do is irrelevant.
I think this is an incredibly bold statement. I think it's a bit hard to judge the ethics of exploiting a computer "in a vacuum", the context certainly matters. Let's take a hypothetical situation: if a computer was used as the trigger for a bomb which was going to go off and kill 100 people, would it not be ethical to hack in to the computer and disable it? [we can assume it also has all the fancy triggering mechanisms in place.. capacitive sensing in case someone gets too close, tilt/shock sensors in case something tries to move it, etc]
I find that belief absurd. And while I'm sure that wasn't the situation you envisioned when you made that claim, I think it's important to note there are cetainly extreme cases where hacking into a computer is clearly ethical.
If we're able to agree that
sometimes computer hacking is ethical, then it just becomes a question of where the line is drawn. How much personal information needs to be on the computer about to detonate a bomb before you decide it isn't The Right Thing To Do to hack in? I am sure there are cases where the government is happy to hack into something that I think is ethically dubious, but again, I think it is absurd to say it is never ethical.
The other thing is you have to consider that "cyber weapons" mean governments can gain intelligence or affect systems without hurting people. Stuxnet is an interesting example. How many lives would have been lost if instead someone bombed the Iranian nuclear facility, or killed off Iranian scientists (yes, I know this still happens anyway, sadly)? Stuxnet was a virus that infected the public's computers as well.
Based on our discussion so far I would expect you to say something like "well sure, maybe it's better than bombing, but having neither would be even better". That's a totally understandable stance, but again, that isn't the world we live in. I think it's a step in the right direction to at least try to minimize deaths.
Anyway, it doesn't sound like we're going to come to an agreement on anything, and that's fine. I definitely understand how hacking can be a moral grey area, and not everyone has to agree. However, I just hope people will accept that it is at least a moral grey area, rather than a moral black area.