I don't think showing administrators proof of concepts on public machines in your library is a good idea, but it shouldn't be a felony though.
Yes, it should be. It shouldn't be any different from breaking into somebody's house, sitting on their couch, and watching their TV until they came home.
In any case, the situation was more complicated than that.
Correct me if I'm wrong, but isn't a proof of concept just showing that an vulnerability exists, without actually using it for anything malicious?
I'd say it's more like opening the door, leaving it alone and then demonstrating it for the person who owns the house so that they can fix the door, but maybe my definition is all screwy?
I've heard things about the situation, but I figured they were just rumors... I'm guessing I don't know much about it because I didn't really know anyone in the vL group very well around the time it happened.