In general, what do you think about companies hiring convicted hackers to help them deal with cybersecurity issues? It's fairly clear that many -- perhaps most -- of the folks who step over the line in the hacker community do so out of a sense of exploration, challenge and the desire to be admired by their peers. These are the exact same reasons why someone becomes an entrepreneur, and why they might start a company like Google, Yahoo, or Mahalo.

In other words, the core desire in many of these individuals is good, but horribly misdirected. As a society we have very hard decisions to make about these individuals. They are in fact damaging society through their actions, and our growing digital dependencies only make their actions more significant.

So what then is the best way of handling hackers who cross the line? Clearly we must make examples of people who step over the line, but we must also look with compassion and support to those who are willing to rehabilitate themselves. In this case I believe John could be put under house arrest and be under constant computer monitoring -- at his own expense -- and help make the world a better place. I hope his four years in jail don't hurt his progress, and that when he leaves jail he can start his life off where he left it: as a friend, hard-working team member and a brilliant contributor to society.