Boing Boing 

Appeals court overturns conviction of Andrew “weev” Auernheimer in iPad hacking case

Andrew “Weev” Auernheimer, in 2012. Photo: pinguino.

Notorious hacker and troll weev was released from prison this evening. A federal appeals court today overturned his conviction in a case of significance for all security researchers.

Weev exposed a security flaw in AT&T's website and obtained the personal data of more than 100,000 iPad users. He was charged with violating the Computer Fraud and Abuse Act (CFAA), and sentenced to three and a half years in prison. Today's ruling says prosecutors did not have the right to charge him in a state where none of the alleged crimes occurred.

Read the rest

Assistant AG admits he doesn't understand what Weev did, but he's sure it's bad

Andrew “weev” Auernheimer is serving a 41-month sentence for visiting a publicly available webpage and revealing that AT&T had not secured its customers' sensitive financial information. Now, weev's lawyers are appealing, and in the opening day's arguments, Assistant US Attorney Glenn Moramarco admitted I don’t even understand what [Auernheimer actually did.]" Then he compared it to blowing up a nuclear power-plant.

Exposing public corporate cock-ups is not "hacking"

Here's Ryan Tate, the first writer to cover AT&T's massive iPad data leak, on the "hacking" conviction of Andrew “Weev” Auernheimer for exposing it in the first place: "The scapegoating of Auernheimer is revolting for two reasons. One, it lets AT&T off the hook for exposing sensitive information to public view, shifting the blame onto those who reported the slip-up, and discouraging future disclosure. Two, the jailing of Auernheimer criminalizes the act of fetching openly available data over the web." Previously.

Weev sentenced to 41 months for exposing AT&T security flaw

Andrew 'weev' Auernheimer was sentenced today to 41 months in prison for figuring out a security flaw in AT&T's website, writes Matt Brian. The "hack", which exposed iPad users' email addresses, involved entering serial numbers into a publicly-accessible web form. While one journalist lamented that prosecutors "admitted they didn't understand computers", court documents also showed that Auernheimer had entertained the idea of using the info for a phishing trip. He also said stupid things on Reddit last night to encourage maximal outcomes, as is his wont. [Verge]

Weev convicted: court finds "iPad hacker" guilty of breaching AT&T site

Andrew "Weev" Auernheimer, the 26-year-old "iPad hacker" charged with federal crimes for obtaining personal data of more than 100,000 iPad owners from AT&T’s website was found guilty on Tuesday in federal court in New Jersey. The court convicted him in one count of identity fraud and one count of conspiracy to access a computer without authorization. Kim Zetter in Wired has the details. Weev tweeted that he plans to appeal.