Andrew "Weev" Auernheimer to be sentenced in ATT/iPad case

Tim Pool is webcasting the sentencing hearing this morning for Andrew "Weev" Auernheimer, whom a court has convicted of illegally gaining access to AT&T's servers and accessing more than 100,000 email addresses of iPad users. Gawker published redacted versions of the emails. There was a Reddit AMA and a party in his honor last night. The self-proclaimed troll is expected to be incarcerated immediately after the sentencing hearing, despite a last-minute plea to avoid prison.


    1. Regardless of your point of view, I think you can agree with me that in order to change bad laws, civil disobedience requires suffering the consequences of one’s actions under them.

      1.  How is stealing private information from a corporation (and then distributing it) just because they didn’t secure it properly a form of civil disobedience? Weev did it because he thought it would be funny to humiliate people.

        1. Many agree that the Computer Fraud and Abuse Act of 1984 is a bad law and leads to punishment that is disproportionate with the act. Cases like Auernheimer’s underscore this point. Clearly, he knew what was at stake and undertook his actions regardless. Instead of defending his actions, I think it would be more productive for his supporters to use this in a push to reform that law. Auernheimer should perform some sort of restitution for his actions, but serving jail time is pretty clearly disproportionate.

    2.  I wrote a blog post today about folks like weev.  Trolls and ne’er do wells of our age.  And why they are important.  And why decrying them can be a very bad thing.

      I don’t mind if you are offended by trolls like weev.  Or dislike him.  Hell go right ahead and hate him.  But don’t do so without taking into account who and what people like weev are.  What you lose when you throw them to the wolves.

      As for what he deserves.  The man broke no laws.  AT&T made available PUBLICLY a database of sensitive information.  They did this knowingly.  There was no security.  This was not a private website or network.  They published this as the boingboing publishes its articles.  for all the world to see.

      Weev downloaded the information as it was freely offered.  And he called reporters to let them know that AT&T was publicly publishing their customers private data.

      Now, maybe AT&T has employees that don’t understand their own industry, technology, or that they shouldn’t be publishing their customers data for all the world to see.  Doesn’t matter really.  Ignorance is not an excuse.  AT&T violated the trust of the customers, and probably several laws. 

      Rather than admit that they had done wrong, they made up a blatant lie.  They said that Weev had “hacked” them.  Or circumvented some security mechanism.  They proved in court that this was not the case.  They proved beyond all doubt that there was no security mechanism in place.  And then they lied to the jurors after proving themselves in error.  Because the jury did not understand the technology they did not see the blatancy of their lies.

      Weev may deserve a lot of terrible things.  But no man or woman should be jailed when innocent of the crimes of which they are accused.  And anyone who thinks otherwise doesn’t deserve to live in this country.

      1. I don’t deserve to live in America because I agree with the jury/judge that stealing email addresses with the intent to mass-troll iPad users is a crime? That’s very judgmental of you. I’m sorry that I disagree with you and that you want me to leave the country because I think a man committed a crime.

          1. Oh, got it, that’s how you’re trolling here, the old “my opinion is the only correct one, so people who disagree aren’t allowed to talk” trope. Thanks for clearing that up. Funny that someone like me who “doesn’t deserve to live in America” has a clearer view on this case than someone who writes essays about it.

  1. This horrible system of judges, prosecutors, police and corporations made him a hero and victims of us all.

    ATT systems were broken.  They put personal data for anyone to access.  Auernheimer is not at fault and had no bad intention.  He actual was trying to get ATT to fix their security hole.

    1. Which is why he alerted the media before he disclosed to ATT?

      1. Thanks for the link — but wait: he had no bad intentions?

        “Auernheimer then helped Spitler refine his script to harvest a large number of valid e-mail addresses of iPad 3G users, suggesting that a huge data set would be needed to “direct market iPad accessories” or start a “future massive phishing operation,” noting that the data breach would be “huge media news.””

        It seems he considered all options here. But let’s ignore this for a while.

        Apparently, he did not “hack” anything, since there was no authentication involved. I have mixed feelings on wether the guy should be prosecuted or not and what should or shouldn’t be his punishment.

        Let’s focus on ATT now: 

        You know how RIAA and the likes are more then willing to prosecute everyone involved on illegal downloads: from downloader to ISPs. So why is ATT a victim? If your bank is robbed, you don’t need to ask: they will replace your money. If it was robbed because someone left the door open, even worse! But personal data is not replaceable once it is compromised. You can’t undo that.

        1. As I posted above, I think reasonable people can agree that Auernheimer should perform some sort of restitution for his actions, but serving jail time is pretty clearly disproportionate. I hope that his case continues to underscore the need to revisit the Computer Fraud and Abuse Act of 1984.

  2. If I leave my front door unlocked and you come in and steal my stuff, are you innocent of theft? Does it make a difference if you stole my stuff not to possess it but to humiliate me for not locking my door?

        1. Now lets say I even gave the information that you lived there for others to read, like google does with every ip-adress it gets its hands on..

          Edit; Yes im serious dear cartoon fox.

    1. Point taken — now suppose you left your home at some company’s care and the company left the door open.


        1. Both points make this case and conviction doubtful. But I am not a lawyer and suppose they probably reasoned with these arguments in court. It would be interesting to see some legal expert summarizing the case. (could anyone point to ATTs disclaimer?)

    2.  If you put all your stuff in a public park and walked off would be a more apt description.

      AT&T posted this data on a public website for all the world to see.  There was no security implemented.  It may as well have been a box of files left in a public park.

  3. The info was freely accessible on a server.  You didn’t need any hacking skills to access it.  ATT security = FAIL.  Blame the hacker. 

  4. There’s no right or wrong here. He just played the game badly. Although of course the rules of this particular game are fairly ridiculous, not to say surreal.

Comments are closed.