Mahalo CEO who hired convicted botnet leader

Search engine exec says he hopes to offer John Schiefer a new job after sentence is up.

Jason Calacanis, founder and CEO of search engine start-up Mahalo.com, defends his decision to allow former security researcher John Scheifer to continuing working at his firm even after discovering he was a convicted felon.

Scheifer was sentenced to four years in prison on Wednesday after pleading guilty last April to four felony counts involving illegal access to computers, illegal interception of data and wire fraud. He is the first person to be charged under federal wiretap statutes for using a botnet to steal data and commit fraud.

Scheifer and his accomplices infected more than 250,000 PCs, and stole usernames and passwords they used to break into PayPal and other financial accounts.

Calacanis, who was at the sentencing, expressed in a blog post Thursday his support for Schiefer, and wished that he had been sentenced to supervised home arrest instead of incarceration in a federal penitentiary.

Calacanis said that when Mahalo first hired Schiefer, the company did not know about his background. And when it found out about his crime, the company could have fired him on the spot because that was the "easy choice," Calacanis wrote. "But rather than do that, the company decided to give Schiefer another chance, after hearing about his tough childhood, his anger issues and how he'd found a level of peace by being at Mahalo.

Calacanis said that while Schiefer might have been an "angry stupid kid" when he launched his botnet attacks, all developers pushed the envelope when they were young. "Anyone in technology knows this dark, dirty little secret," Calacanis said in his blog.

Calacanis speaks a little more on his support for Schiefer by e-mail:

There are some who think that Schiefer probably got what was coming for his actions. Why was John deserving of a lighter sentence? Without knowing John, I think I would agree that he got what he deserved and, sure, it could have another year or two. After getting to know him I can tell you -- and in fact he would tell you -- that his behavior was based on a lack of guidance, immaturity and anger. Getting to know him, I've watched him not only grow but flourish while working with a team of intelligent technologists.

You said in your blog that you would have never hired John (or people like him) if you had known of his background during the hiring process. Has this experience changed that outlook? In the past, I would have probably never considered hiring a felon for my startup. In fact, they would have probably never made it in for an interview. After this experience, I think I've learned something about rehabilitation and the role private industry can play in it.

After this, I would certainly consider someone convicted of computer crimes. However, I think you have to look at each case and person individually. Not all hackers are cut from the same cloth.

What was John's role in your company? John is a systems engineer, which means he works on Web servers. However, it is important to note that he does not have access to our database servers, that all of our password data is encrypted so no one on the development team can access it, and his work is supervised. Also, we are a content site and we don't deal in sensitive data. He can, in fact, only do harm to us ... not our users. If John wanted to, he could turn off Mahalo, but we're willing to take that risk -- we trust him.

In general, what do you think about companies hiring convicted hackers to help them deal with cybersecurity issues? It's fairly clear that many -- perhaps most -- of the folks who step over the line in the hacker community do so out of a sense of exploration, challenge and the desire to be admired by their peers. These are the exact same reasons why someone becomes an entrepreneur, and why they might start a company like Google, Yahoo, or Mahalo.

In other words, the core desire in many of these individuals is good, but horribly misdirected. As a society we have very hard decisions to make about these individuals. They are in fact damaging society through their actions, and our growing digital dependencies only make their actions more significant.

So what then is the best way of handling hackers who cross the line? Clearly we must make examples of people who step over the line, but we must also look with compassion and support to those who are willing to rehabilitate themselves. In this case I believe John could be put under house arrest and be under constant computer monitoring -- at his own expense -- and help make the world a better place. I hope his four years in jail don't hurt his progress, and that when he leaves jail he can start his life off where he left it: as a friend, hard-working team member and a brilliant contributor to society.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags botnet

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Computerworld
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?