One positive = They thought it was good enough to steal ... ... I am not anywhere near the programming level of people like you, sebkinne, etc., but isn't there a way to bind your Attack Scanner for updates, serial/integrity checks so you can have a cache and verify all of the AS's you sold?
(I sound like a Welshman, jk :) )
All in all; they have lost my trust AND I will not support/read any whitepapers, docs, info, etc. as they are probably someone elses' work. B)