Christopher Hoff asks an admittedly naïve question: "If I ... engage in reverse engineering of a product that is covered by patent/IP protection and/or EULA's that expressly forbids reverse engineering, how would I deflect liability for violating these tenets ...".
There are actually few issues with reverse-engineering itself. Reverse-engineering is LEGAL, PROTECTED BY LAW, and ETHICAL. Many of the issues people think are due to reverse-engineering are actually due to other problems.
Hoff mentions the recent HID case, where the company sued a researcher on patent grounds to prevent him from disclosing their problems. The details of the case had nothing to do with reverse engineering. In order to demonstrate cracking of HID's keys, the researcher had to build a device. That device MAY have been covered by HID's patents. Therefore, HID's claims were about patent infringement; they had nothing to do with reverse-engineering.
In the Mike Lynn case, Cisco claimed that Mike did something more than simple reverse-engineering. For example, Cisco suspected that Mike was going to disclose the source code that was rumored to have been stolen a couple of years ago. Therefore, it wasn't reverse-engineering itself that was at the crux of the suit.
There have been other famous cases of reverse engineering, from printer cartridges to video game compatibility. In virtually every instance, the right to reverse engineer products has been protected.
The reason reverse-engineering has a bad odor is that it breaks down in two places: EULAs and the DMCA. EULAs are tricky because you agree NOT to reverse-engineer their product. If you reverse-engineer the product, you are breaking a contract. The DMCA forbids reverse-engineering where the effect of the reverse-engineering is to break copyright. It specifically says that you can still reverse-engineer iTunes and the Zune in order to interoperate with it or to find security vulnerabilities, but you may not reverse it in order to bypass the copyright protections.
An illustrative example is the ruling in Blizzard vs. Bnetd. Bnetd was an open-source server for playing games like Diablo and Starcraft. Bnetd was found guilty of two things. First, they were found guilty of breaking the contract with Blizzard. They had purchased the games and agreed that they would not reverse-engineer Blizzard's products, but reversed them anyway. Second, they were found guilty of breaking the law under the DMCA. While they were within their rights to create "interoperable" software, the effect was to enable bypassing of copyright. Blizzard servers checked license keys and Bnetd servers did not, so Bnetd enabled software piracy.
Therefore, if you want to do reverse-engineering, you can (probably) ignore the law on reverse-engineering, but you have to pay attention to the EULA and the DMCA.
Bypassing the EULA is usually pretty easy. For example, I bought Cisco routers off of eBay. I am reverse-engineering the code I found on those routers. I am not agreeing to Cisco's EULA; I have never agreed to the Cisco EULA. Bypassing the DMCA is even easier: if you aren't helping copyright pirates, then you probably aren't breaking the DMCA law.
Recently, Dave and I posted information about Airtight. This was forbidden by their EULA. However, we did not agree to their EULA, so we did not break their contract. We sat down outside of somebody else's installation and sent wifi packets at them, and monitored the packets sent back from them. We could therefore review their product because we did not actually use it. (BTW, you should be wary of companies with EULAs like Airtight's because nobody can publicly challenge their claims.)
Hoff asks "Do you ... simply count on the understanding that if one can show "purity" of non-malicious motivation that nothing bad will occur?". Again, this question is false. There are no "pure" motivations. It's like how guilty criminals in jail believe that they are innocent because their motivations were somehow pure. Publishing advisories to pimp your cleverness is not a "pure" motivation. Mike Lynn's motivation in the Cisco case was not "pure". (How much really has the Internet been made safer by his actions? How much fame and higher wages has he earned?)
Your own justifications are not a legal defense. Remember that justice is blind. It cares about law as written, not whether you are a good person at heart, or what your justification is. The legal system is like computer code: it is largely automatic and inescapable. I often read justifications on Slashdot and am amused by how they just wouldn't work in the real world.
The real question is whether you can count on a company acting in its own best interest. Microsoft, for example, does not sue people like eEye who maliciously reverse their code because it's not in their best interest. Microsoft has had plenty of justification to sue me (even in areas outside of security), but has not because it's not in their best interest. On the other hand, there is a good chance that companies will not recognize their best interests, such as Cisco in the Mike Lynn case.
Note that sometimes companies are forced to act even when it is against their best interests. Microsoft, for example, must sue teenage kids to protect their trademark even though it generates bad publicity. Likewise, ISS was forced to sue Mike Lynn in the Cisco case. However, HID was not required to sue to protect patents. When and why such things are automatically triggered is a bit tricky.
Lastly, the biggest point to take away from this is that people can sue you even when they are wrong and you are right. In the HID case, they were almost certainly wrong, but it would take a lot of money and time by the researchers to prove this to the court. Likewise, websites hosting the recently cracked AACS key comply with takedown notices even though the law may be on their side. It can easily take 100k to defend yourself in court. Companies don't want to spend that much to prosecute you either, and will likely back down if you stand up for yourself, but they are betting that you will blink first.