When 26-year-old John Kenneth Schiefer decided to string together some computers to retrieve information off a network, he probably didn't think he could end up heading for an early retirement--in a prison cell.
Then again, his act involved a botnet comprising 250,000 PCs, and Schiefer had used the information to siphon money from users of online payment service PayPal.
The young American hacker now faces up to 60 years in jail and fines of up to US$1.8 million--all that, for illegally pocketing US$19,128.35 in commissions.
Does Schiefer deserve a 60-year jail sentence for stealing US$19,000? Some certainly think so.
News about his possible life-long incarceration incited a barrage of responses from ZDNet Asia readers, some of whom were especially livid.
One reader, who calls himself Geekoid , says: "I think this is just the right sentence to give out for scum suckers like this guy. Excellent stuff."
Another reader thedave243 agrees, noting that Schiefer "deserves every bit of the full sentence" for making "thousands of people" put in extra hours of work to recover the data and fix the problem.
Others, however, were more sympathetic.
Pal says: "I could only agree with giving a long term sentence if he were released back into public after, say, five years with the understanding if he messes up a second time, he finishes the whole sentence. Otherwise, 60 years is too long."
Steve Campbell adds: "This country is seriously f***ed up when pedophiles get five years, and hackers get 60."
Despite the, urm, expletive, Campbell highlights a good point.
It would be incomprehensible--to me, at least--if one gets prosecuted more heavily for hijacking personal computers, than another who hijacks the innocence of a 10-year-old girl.
This brings to mind a speech by a Singapore cabinet minister during the region's SARS epidemic. He talked about how SARS underscored the need for countries to be better prepared in order to cope with the next epidemic. Otherwise, he said, the well-being of loved ones could be adversely affected "or worse", businesses could lose millions of dollars.
I remember feeling appalled that a senior government official compared an economic loss to be "worse" than the population's general welfare.
In the age of modern technology and widespread commercialization, it is often too easy for businesses--and governments--to overlook some "lesser" priorities in life and societal obligations.
While malicious acts like Schiefer's bot attack must never be condoned, penalties for committing such crimes should be used as deterrence to other would-be hackers, rather than vengeance for economic loss or compensation for the man-hours required to repair the damage.
So would I want to see Schiefer spend 60 years in jail? No, I'd rather see pedophiles spend that amount of time behind bars and never see daylight again.
But do I want Schiefer to spend any time in prison? Absolutely, and enough jail-time to make sure he never again thinks about hijacking someone else's computer for personal gains.
So just how much time is enough of a deterrence for hackers like him? Well, a 24-year-old Singaporean undergraduate is currently serving a 27-month sentence for stealing the MSN identities of several women and using the information to blackmail one of them.
And 25-year-old Chinese national Li Jun was sentenced in September to four years' imprisonment for creating and selling a worm that allowed his customers to steal usernames and passwords.
How many years do you want Schiefer in jail?