Features Podcasts Family Video Comics Music Tech Science Books Film & TV Games ✚

Jill

Andrew "Weev" Auernheimer to be sentenced in ATT/iPad case

Xeni Jardin at 6:21 am Mon, Mar 18, 2013

— FEATURED —

Book Review

Lexicon: smart, sharp technothriller from Max "Jennifer Government" Barry

Book Review

The 'Geisters: spooky, scary novel

Science

Ants and Stars: Bruce Sterling and Jasmina Tesanovic visit the Sardinia Radio Telescope in Italy

— FOLLOW US —

Boing Boing is on Twitter and Facebook. Subscribe to our RSS feed or daily email.

 

— POLICIES —

Except where indicated, Boing Boing is licensed under a Creative Commons License permitting non-commercial sharing with attribution

 

— FONTS —

Tweet
Kindle
Tim Pool is webcasting the sentencing hearing this morning for Andrew "Weev" Auernheimer, whom a court has convicted of illegally gaining access to AT&T's servers and accessing more than 100,000 email addresses of iPad users. Gawker published redacted versions of the emails. There was a Reddit AMA and a party in his honor last night. The self-proclaimed troll is expected to be incarcerated immediately after the sentencing hearing, despite a last-minute plea to avoid prison.

Boing Boing editor/partner and tech culture journalist Xeni Jardin hosts and produces Boing Boing's in-flight TV channel on Virgin America airlines (#10 on the dial), and writes about living with breast cancer. Diagnosed in 2011. @xeni on Twitter. email: xeni@boingboing.net.

More at Boing Boing

Ants and Stars: Bruce Sterling and Jasmina Tesanovic visit the Sardinia Radio Telescope in Italy

The Snowden Principle

  • otterhead

    He is not a hero or freedom fighter. He deserves the punishment he receives.

    • Eric0142

      Regardless of your point of view, I think you can agree with me that in order to change bad laws, civil disobedience requires suffering the consequences of one’s actions under them.

      • otterhead

        That was his choice, yes.

      • http://www.facebook.com/bogslug Daniel Latta

         How is stealing private information from a corporation (and then distributing it) just because they didn’t secure it properly a form of civil disobedience? Weev did it because he thought it would be funny to humiliate people.

        • Eric0142

          Many agree that the Computer Fraud and Abuse Act of 1984 is a bad law and leads to punishment that is disproportionate with the act. Cases like Auernheimer’s underscore this point. Clearly, he knew what was at stake and undertook his actions regardless. Instead of defending his actions, I think it would be more productive for his supporters to use this in a push to reform that law. Auernheimer should perform some sort of restitution for his actions, but serving jail time is pretty clearly disproportionate.

    • http://twitter.com/openfly ǝɔʎoſ ʇʇɐW

       https://www.music-piracy.com/?p=789  I wrote a blog post today about folks like weev.  Trolls and ne’er do wells of our age.  And why they are important.  And why decrying them can be a very bad thing.

      I don’t mind if you are offended by trolls like weev.  Or dislike him.  Hell go right ahead and hate him.  But don’t do so without taking into account who and what people like weev are.  What you lose when you throw them to the wolves.

      As for what he deserves.  The man broke no laws.  AT&T made available PUBLICLY a database of sensitive information.  They did this knowingly.  There was no security.  This was not a private website or network.  They published this as the boingboing publishes its articles.  for all the world to see.

      Weev downloaded the information as it was freely offered.  And he called reporters to let them know that AT&T was publicly publishing their customers private data.

      Now, maybe AT&T has employees that don’t understand their own industry, technology, or that they shouldn’t be publishing their customers data for all the world to see.  Doesn’t matter really.  Ignorance is not an excuse.  AT&T violated the trust of the customers, and probably several laws. 

      Rather than admit that they had done wrong, they made up a blatant lie.  They said that Weev had “hacked” them.  Or circumvented some security mechanism.  They proved in court that this was not the case.  They proved beyond all doubt that there was no security mechanism in place.  And then they lied to the jurors after proving themselves in error.  Because the jury did not understand the technology they did not see the blatancy of their lies.

      Weev may deserve a lot of terrible things.  But no man or woman should be jailed when innocent of the crimes of which they are accused.  And anyone who thinks otherwise doesn’t deserve to live in this country.

      • otterhead

        I don’t deserve to live in America because I agree with the jury/judge that stealing email addresses with the intent to mass-troll iPad users is a crime? That’s very judgmental of you. I’m sorry that I disagree with you and that you want me to leave the country because I think a man committed a crime.

        • http://twitter.com/openfly ǝɔʎoſ ʇʇɐW

           He didn’t steal anything.  You obviously don’t understand the case or the technology.  So you don’t get to have an opinion.

          • otterhead

            Oh, got it, that’s how you’re trolling here, the old “my opinion is the only correct one, so people who disagree aren’t allowed to talk” trope. Thanks for clearing that up. Funny that someone like me who “doesn’t deserve to live in America” has a clearer view on this case than someone who writes essays about it.

  • lasermike026

    This horrible system of judges, prosecutors, police and corporations made him a hero and victims of us all.

    ATT systems were broken.  They put personal data for anyone to access.  Auernheimer is not at fault and had no bad intention.  He actual was trying to get ATT to fix their security hole.

    • Eric0142

      Which is why he alerted the media before he disclosed to ATT? http://arstechnica.com/apple/2011/01/goatse-security-trolls-were-after-max-lols-in-att-ipad-hack/

      • Sigmund_Jung

        Thanks for the link — but wait: he had no bad intentions?

        “Auernheimer then helped Spitler refine his script to harvest a large number of valid e-mail addresses of iPad 3G users, suggesting that a huge data set would be needed to “direct market iPad accessories” or start a “future massive phishing operation,” noting that the data breach would be “huge media news.”"

        It seems he considered all options here. But let’s ignore this for a while.

        Apparently, he did not “hack” anything, since there was no authentication involved. I have mixed feelings on wether the guy should be prosecuted or not and what should or shouldn’t be his punishment.

        Let’s focus on ATT now: 

        You know how RIAA and the likes are more then willing to prosecute everyone involved on illegal downloads: from downloader to ISPs. So why is ATT a victim? If your bank is robbed, you don’t need to ask: they will replace your money. If it was robbed because someone left the door open, even worse! But personal data is not replaceable once it is compromised. You can’t undo that.

        • Eric0142

          As I posted above, I think reasonable people can agree that Auernheimer should perform some sort of restitution for his actions, but serving jail time is pretty clearly disproportionate. I hope that his case continues to underscore the need to revisit the Computer Fraud and Abuse Act of 1984.

  • kartwaffles

    Sounds like weev is about to be welcomed to bantown.

    • LearnIntent

       There will be plenty of whales in the bantown he is going to.

  • http://www.facebook.com/bogslug Daniel Latta

    If I leave my front door unlocked and you come in and steal my stuff, are you innocent of theft? Does it make a difference if you stole my stuff not to possess it but to humiliate me for not locking my door?

    • http://www.facebook.com/adam.ivarsson.56 Adam Ivarsson

      If you wrote your adress on the outside of your house, would I be considered a criminal if I read it?

      • http://www.facebook.com/bogslug Daniel Latta

        You’ve got to be kidding me.

        • http://www.facebook.com/adam.ivarsson.56 Adam Ivarsson

          Now lets say I even gave the information that you lived there for others to read, like google does with every ip-adress it gets its hands on..

          Edit; Yes im serious dear cartoon fox.

    • Sigmund_Jung

      Point taken — now suppose you left your home at some company’s care and the company left the door open.

      Go.

      • http://www.facebook.com/adam.ivarsson.56 Adam Ivarsson

        Read the disclaimer you agreed when giving away your email adress.

        Go.

        • Sigmund_Jung

          Both points make this case and conviction doubtful. But I am not a lawyer and suppose they probably reasoned with these arguments in court. It would be interesting to see some legal expert summarizing the case. (could anyone point to ATTs disclaimer?)

    • http://twitter.com/openfly ǝɔʎoſ ʇʇɐW

       If you put all your stuff in a public park and walked off would be a more apt description.

      AT&T posted this data on a public website for all the world to see.  There was no security implemented.  It may as well have been a box of files left in a public park.

  • http://twitter.com/SpikedUpFrog Anonymous

    The info was freely accessible on a server.  You didn’t need any hacking skills to access it.  ATT security = FAIL.  Blame the hacker. 

  • http://voidstar.com/ jbond

    There’s no right or wrong here. He just played the game badly. Although of course the rules of this particular game are fairly ridiculous, not to say surreal.