Re: He was still guilty.

> He did not engage in theft, fraud or extortion, and should not be punished as if he had.

He stole the source code for the site and did not disclose it until police were knocking at his door (which was then when he chose to delete it)

Frankly I disagree that the man did not want to gain anything.

He certainly wanted to gain a job out of it and use it to that end, or was hoping that facebook would be like yahoo and financially reward him for it.

He hacked the network without permission (something a true white hat doesn't do and is also against the law) and also didn't inform facebook of the hack or vulnerability at all until his arrest three weeks later.

Holding onto the source code for weeks without disclosing the bug is what caused facebook to be so agressive in court.

Ultimately the lesson here is: its ok to be a white hat as long as you have permission to do your testing.