Ryan Goldstein: Digerati Faces ?Justice?

This will be brief. I promise.

You'll recall my frustration when New Zealander hacker, Owen Thor Walker, AKA "AKILL", was indicted as a "super hacker" back in April (see AKILL Convicted Are We Safer Now?, and my even greater frustration when he got off with no jail time and only having to pay $11,000 in restitution (which was only about 1/5th of what we could PROVE he had stolen!)

I'm back in frustration mode over the sentencing of Ryan Goldstein. Goldstein was finally sentenced yesterday in the East District of Pennsylvania, after being indicted more than eleven months ago (November 1, 2007) for "18 USC 371 - Conspiracy to Commit Computer Fraud".

Ryan traded favors such as "an undetected, unreleased bifrost beta with 100% antivirus and firewall bypass", as well as passwords to various forums to incentive AKILL to DDOS groups which had bothered Ryan, including TAUNET, ssgroup, and others. No one probably would have noticed or cared if it weren't for the fact that Ryan decided to host a malware update on some servers at University of Pennsylvania, where he is a student. When Walker instructed his 50,000 compromised computers to update themselves with code from the UPenn server, it caused an "accidental" Denial of Service, disabling some of the network services at UPenn.

Ryan's lawyer, Ronald Levine of Post & Schell, got an extension until March 10th, but they decided to plea out, and did so on February 29th. Since then, sentencing was scheduled for June 10, August 5, August 19, and finally October 21st.

Ryan was finally sentenced yesterday to 90 days in jail, followed by 90 days in a halfway house, and 180 days of house arrest. He will also not be allowed to use a computer "other than for work or school activities" for five years.

The prosecution failed to bring any charges regarding the more than 1,000 child pornography images found on his computer. They then agreed that he could schedule the 90 days at his convenience, so as not to conflict with his class schedule. He'll probably serve them during summer vacation.

I'm not sure what kind of school wants to have a convicted computer criminal and child pornography collector as one of their students. I guess he'll get his degree and go find a job, after his brief visit to jail.

The judge apparently shared my frustration at the lack of serious charges, based on his remarks reported in the Philadelphia Inquirer yesterday. U.S. District Judge Michael Baylson completed the sentencing of Goldstein, and then turned to his next case, where he sentenced Derrick Williams to two years for possession of Child Pornography. The judge thought it worth noting that "It seems very unfair. . . . I want to note for the record that Mr. Goldstein is white and Mr. Williams is African American and that adds to my discomfort". According to the Philadelphia Inquirer, both men possessed roughly 1,000 images of child pornography.

According to the sentencing guidelines, Williams should have received an 8 to 10 year sentence.