Comments on: Mahalo: Our hacker employee is no threat to your privacy

Jason Calacanis discovers a felon on his payroll, but doesn't fire him.

[PacGamer]

Privacy concerns? Meh. If anything we should be concerned about is Google, not Mahalo (if at all). Calacanis is a trustable person, an I will continue to do so. I see nothing wrong in his decision. If he says the criminal is under complete supervision and everything is walled off, I respect that.

[mrorie]

WAR IS PEACE FREEDOM IS SLAVERY

[bknowledge]

Uncle Sam keeps several hackers & crackers on the payroll to both help defend our systems and to do other things. So shouldn't business start doing the same thing.

[tim_castro]

The Employment Application at my workplace has a question about prior convictions. A positive response to that question does not automatically remove the candidate from consideration. However, our Personnel Department makes it very clear that if you are caught lying on your application, you will be terminated.

Perhaps Jason might want to rethink the Employment Application at Mahalo.

[another_cissp]

That is insane. I cannot believe a company would take that kind of a risk. Mahalo executive management has a responsibility to its employees, its customer, and to its investors to mitigate this risk. If some executive has a soft spot for him then employ him cutting your grass or something, do not put other people at risk.

[superduperuser]

There's plenty of stupid, arrogant employers out there... and companies which have no value.

Unfortunately, a lot of these dot com companies have no value whatsoever and very often no common sense.

[MadLyb]

Fire him

[m2mc]

In my mind, it's not the severity of the crime for which he was convicted, it's the fact that he lied on the application form. Period.

[ckinniburgh]

I read Jason Calacanis' e-mail today with a very open mind, and a very different view. Jason seems to have had the same experience in the IT world as I have: everybody in the field has experimented with pushing boundaries. Even if John Schiefer was caught, this would be as much a learning experience as anything else for him, both technically and morally.

On the subject of him lying on an application, I don't know that that is true, but that could be a valid argument.

There are a number of ex 'black-hat' hackers out there these days, and most of them are doing work which is far more security-oriented then anything John is doing. (This is an assumption. In Jason's e-mail, we are told that no member of the staff has access to anything other than the Mahalo Questions and Answers.) I would assume, after reading the email, that if John was interested in doing something with malicious intent he would not have any easier a time hacking Mahalo than any other kid out on the internet, or a person who was able to gain access to their office via some form of social engineering.

If people are truly worried about ex-hackers working in businesses, they should realize that a large number of people in the IT-Security profession didn't learn everything they know through a book. If don't want to use Mahalo because of this that's your decision, but realize that there are more ex-hackers out there than you think. He was caught, does that make him more or less likely to commit a crime again?

[bmelendy]

Who cares... why is this even newsworthy?

[Meg_Whitman]

Simple. Fire the person in charge of vetting potential employee's.

[n3td3v]

Keep hiring criminals and eventually you'll be a criminal organization run by crooks.

[viper396]

What an absurd statement. Your assuming that now he's just hiring criminals.

[rcardona2k]

Is the skilled talent pool so bad they have to keep a convicted felon on staff? If he's in the limited role they supposedly have him in, why not replace him with an honest, good-standing member of society whose services they'll continue to need past 1 June. No (thanks) Mahalo!

[mattmcb123]

Maybe he is white hat now... everyone does dumb things when they're young. He's probably fine now.
Try the <a href="http://sthrt.com">best homepage</a>

[superduperuser]

This is a really clear cut case of where some employer who is close to a person and has made a serious personal mistake is blinding himself to reality, possibly because he is too arrogant to admit he is wrong. The employer is just showing he is naive and conned. (At best. At worst, he has a deep lack of empathy bordering on sociopathy.)

I work in computer security in a trusted position. Thankfully, the best security researchers have some tincture of morality. It is relatively rare to meet the sorts of jerks who are showing themselves so commonly on the web: individuals who embrace an anti-morality. They relish in victimizing innocent people. They boast of how "bad" they are and they are celebrated for this. People think it is all great and fun... until they become the victims.

How people can be so insensitive or lacking of empathy, puzzles me. Perhaps they have lived spoiled lives and simply never been seriously victimized. If so, such hypocrites are the sort who deeply deserve to be.

Identity crime is not a joke. It is a nightmare. Maybe if this employer had his identity stolen he would be a little less cavalier about embracing his immoral employee... though whether the employee has simply conned the man or the man has not the humility to admit he is wrong, I don't know.

There are criminals who victimize innocent people and then there are those who celebrate them or simply do nothing. The two sorts work hand in hand. Society would be darned well near perfect without such heartless leeches.

Nobody's perfect, but there are clear boundaries of what can be expected of people and not. This kid went well beyond all clear boundaries, probably relishing the very fact that he is ruining people's lives. That is the sick fact of these sorts of criminals.

People who do business with such a company are leaving their brains at the door.

As for forgiveness, compassion... this is out of the picture in this case. The kid has not shown any sort of remorse or concern. Unfortunately, teaching the morally depraved such lessons does not come from prison. And... this is not the sort of juvenile hacking that people can just laugh off he was engaged in. This kid didn't do no harm. And he wasn't even really a kid at all.