Well someday we'll get CFAA reform... but even then I'm convinced that weev in particular would still have run afoul of it in this case (though presumably a misdemeanor variant of it).
Security researchers in general wouldn't run afoul of even the current version IMO, though it's certainly prudent for security researches to re-emphasize how key some of those techniques are for them, so that we don't end up in a surreal situation where even altering a URL, cookie, etc. one time would subject one to conviction under CFAA.
What the current version means depends on how it works out in prosecutions. If weev is prosecuted, normal security research is endangered.
That's the whole point of the Mencken quote squeak posted. Another favourite: "Bad cases make bad laws" - if bad principles get enshrined in the precedents made by convictions of bad people, those bad principles will hurt good people or good activity down the line. That's precisely why the EFF, Schneier, Felten, et al., are devoting their precious time to this case.
Security researchers in general wouldn't run afoul of even the current version IMO, though it's certainly prudent for security researches to re-emphasize how key some of those techniques are for them, so that we don't end up in a surreal situation where even altering a URL, cookie, etc. one time would subject one to conviction under CFAA.