Should he really be extradited? I say no.
I've always been slightly confused. As I recall the timeline, (from memory, & without consulting a pile of saved web pages), went something like this.
2000 - 2001 Gary McKinnon carries out the hacking.
2002 He's caught & confesses. The US government is asked if they want him prosecuted under UK law, (2 years inside and/or £5000 fine IIRC), they decline.
2004 - 2005 The treaty is signed by David Blunkit, to allow the extradition of terrorists to the US. The US immediately apply for the extradition of Gary McKinnon, amongst others, using this treaty. None of them terrorists, at least as I understand the term.
This is why I say he shouldn't be extradited, tried yes, but extradited for trial in the US, no.
My other "moan" over all this, is that according to what I remember, most of the breaking into the computers happened using the systems default passwords This is despite Clifford Stoll writing the Cuckoo's Egg, 10 years previously, in which he details how the break-in's occurred - using defaut passwords! Was nothing learnt in the intervening years? (Other than by me? :) )