It's such a waste of money to give these guys a salary when they are billionaires. If I were them I would lower my salary to $1 or I would give myself the salary of my lowest level employee as a gesture.

He screwed himself, that much is obvious. But the deeper question is if someone genuinely wants to become a pen-tester how should they go about becoming one? When there is no way into the Cyber Security industry then we cannot complain about these desperate hackers who want to find a way in.

How exactly could he have become a pen-tester in the proper way and have avoided this? I don't see how he had so many clear options. I also don't know who told him what. Someone could have mentioned to him that this is how to get noticed or recruited. He still would be an idiot for believing them, but I'm surprised he gets 30 months time for something like this as that seems to be a lot of time.

You are right they can't trust him but lets be honest you can't ever trust a social engineer regardless of which side they are on. They are social engineers. It doesn't change the fact that we need social engineers to pen-test networks.

Mugging is not remotely similar to what happened here. This guy did a non-violent crime. I'm not justifying any crime of any sort. What I'm saying is that the political policies and in specific corrupt economic policies are going to put hundreds of thousands of people just like him into this desperate state of thinking and situations. It's only a matter of time before cyber crime begins to rise in response to the economic situation.

When people can't find jobs they find something less than constructive to do with their time. What do you expect to happen?

You're being as naive as the guy who thought he could blackmail his way to a job. The job at the supermarket is reserved for people who have friends who already work at the supermarket. If you're not already in with them you wont be hired. If it's a big supermarket then you wont be hired because you dont have any experience working at supermarkets because you're a computer genius. Finally the skills of a computer genius are the exact opposite of the skills required for a super market. You picked probably the worst possible example. A better example would be if this guy and 5 of his friends started their own computer run business, but you aren't going to take a person with computer skills and try to make them into something else in which they have no skill or experience.

That being said starting a business is very hard to do by yourself and if you have no friends you wont have anyone to hire. A lot of these computer geniuses don't have friends because they are computer geniuses and sometimes the skills of being solitary writing code all day are the exact opposite of the skills needed to organize a team. Nobody taught this guy leadership skills but then again most people in most industries dont have leadership skills either so he's not alone.

When people can't find anything else they resort to crime. Finding something else to do isn't usually an option for most people in this economy. If you're a genius at computers thats the only thing people are going to pay you to do. No one is going to pay you to mop the floor because theres someone who has been mopping the floors for 5-10 years now who has an advantage over you. No one is going to pay you to work at the supermarket because theres someone who is probably older than you who worked at the supermarket before and who has years of experience.

Let's not overlook the economic factors in this case. I think if this guy could easily have found a job this entire chain of events would have never happened. And no I don't think you can take a person who is a genius in one area and tell them to switch careers. If it were a doctor, or a pilot, or a scientist, we wouldn't tell them or expect them to go work at a supermarket for the rest of their lives after investing their lives into that. It's just as naive as what he did.

I'm sure he knows that now that he's in prison. The point is he had the balls to try to change his life and got put in jail because it tried to change it in the wrong way. It doesn't mean he had bad intentions it just means the way he went about it wasn't the smartest way. If life isn't designed around your wishes, talents and desires then you're supposed to do everything you can to find a way to change that.

What he did however was brave on one hand and naive as hell on another. He probably should have set up a pen-testing company first. He probably should have built a track record with small businesses doing security. He probably should have had a team of people who he worked with and some advisers but of course he went about it the wrong way. It appears he wanted to have a career in pen-testing and didn't know how to make a career for himself.

Who is to blame for that? There is no script or instructions or mentors to tell him how to become a pen-tester. Just putting a bunch of hackers in jails does not solve the problem because the next generation are going to be even more desperate and willing to do even more damage. Their skills will wind up going to waste while they rot in prison when they could have been using their skills to benefit cyber security.

You have corporations now who hire pen-testers to basically do exactly what this guy was doing. They do the exact same job, live the exact same lifestyle, only they get paid and because of the contract they aren't at risk of going to jail. His mistake is he didn't understand the legal system and he didn't have his shit together.

I'm not excusing his actions. I'm saying that political policies promote criminality. When you have polices which produce high amounts of unemployment among skilled labor such as this guy then the result is many of them become criminals.

People need money to survive and that is a fact. We don't know the circumstances of his life to know how bad he needed a job nor do we know what information he was told. He could have been led to believe that this is how you get recruited into the Secret Service. There are guys like Albert Gonzalez who got recruited exactly this way. Then you also have guys like Adrian Lamo who did similar activities and they didn't receive 30 months in jail for it. The guy could have just been desperate and naive.

It never happens quite like that. First they never say what these people are being recruited for do they?
So even if this guy was naive and thought he would get recruited by the Secret Service or some other group there was no guarantee.

Also these "recruits" are typically given the worst jobs and then tossed away like trash when they arent useful. Look at Albert Gonzalez as an example.

Why would anyone want to be him?

It's actually fairly common among hackers.

He's definitely guilty of extortion, the question is why were so many resources invested into him?
Now he gets 30 months in prison where even more resources are going to be put into him?

And I'm not sure what message it's supposed to send. If the message is not to extort big corporations I'm sure anyone with sense knows that already. On the same token what are people supposed to do if they find bugs or potential backdoors?

This basically tells them to keep their mouth shut and don't tell anyone. It doesn't actually improve security if we dont know there are holes.

The real question is why are so many people so desperate to find a job that they are beginning to resort to blackmail?

And how often is blackmail being used or perhaps other means like quid pro quo to decide who gets hired and fired?

In some ways what he did wasn't stupid, it was just inappropriate.

Credulous is not the same as ignorant. The guy was clearly smart. He was just too credulous and perhaps suffering from aspergers syndrome.

But you'd also know your IT dept sucks.