On reflection, the analogy bites a little closer than I might like to admit. They are stalkers, to each and every one of us. What they do is literally an attack on the entire internet (- IAB).
Please bear in mind that GCHQ are actually worse than the NSA in every way. They have essentially no "equities issue" to speak of; they operate both internationally and domestically; they have repeatedly ignored the law with essentially zero oversight, consequences or meaningful reproach; they have spied, and continue to spy, even on UK Government departments and MPs; and they are very probably about to get official powers to do mass hacking, which in typical form, they've already been doing for years anyway.
Bear in mind also that this is software that they use for analysis of data collected by spying on all of us; graph analysis software that is literally being used right now to select who to murder.
Forgive me if, therefore, I might hesitate to run any of the code of an organisation with a long history of deploying malware against innocent people.
We can be as negative as we wish towards these agencies, but rejecting any and all attempts at communicating with the open source community is a strong way to reinforce their already insular culture. Embracing these projects in some way or another can possibly work as positive feedback toward greater organizational transparency, if not by the brass, than by the developers and engineers that work in these organizations.
"But software which OpenBSD uses and redistributes must be free
to all (be they people or companies), for any purpose they wish
to use it, including modification, use, peeing on, or even
integration into baby mulching machines or atomic bombs to be
dropped on Australia."
-- Theo de Raadt
Thus, I applaud the helpful and constructive act of releasing this product as open source, and will certainly consider it if I ever need a graph database. This does not, of course, constitute approval of every GCHQ policy.
Who are "these people"?
In what way are GCHQs coders and techies "evil"? Is it just because they have so widespread snooping powers? Is that still a problem if they have used those powers to prevent harm and injury from events that you won't have heard of? At what point does the latter outweigh the former?
I also suspect that if we follow the "GCHQ==Evil" logic, we would pretty quickly find that every coder working for a big enterprise is also "evil", and probably quite a few working for smaller ones too.
Given that it's OSS, it's not as if you're funding their vile actions by using it either.
And secondly, I'm sorry but i don't buy the slippery slope argument. As intelligent people we have clear boundaries about what is acceptable as the mandate of an organization and what isn't. If we took your approach to social issues we would never protest illegal wars because everyone else is involved in them or protest BP for polluting the Gulf because everyone drives cars. Its a ridiculous argument m
If you want a security expert's opinion, read Bruce Schneier's blog, and if you are inclined to learn more about the ethics, this page is great: http://cs.stanford.edu/people/eroberts/cs201/projects/ethics...