Appeals court overturns conviction of Andrew “weev” Auernheimer in iPad hacking case

Andrew “Weev” Auernheimer, in 2012. Photo: pinguino.

Notorious hacker and troll weev was released from prison this evening. A federal appeals court today overturned his conviction in a case of significance for all security researchers.

Weev exposed a security flaw in AT&T's website and obtained the personal data of more than 100,000 iPad users. He was charged with violating the Computer Fraud and Abuse Act (CFAA), and sentenced to three and a half years in prison. Today's ruling says prosecutors did not have the right to charge him in a state where none of the alleged crimes occurred.

Read the rest

Assistant AG admits he doesn't understand what Weev did, but he's sure it's bad

Andrew “weev” Auernheimer is serving a 41-month sentence for visiting a publicly available webpage and revealing that AT&T had not secured its customers' sensitive financial information. Now, weev's lawyers are appealing, and in the opening day's arguments, Assistant US Attorney Glenn Moramarco admitted I don’t even understand what [Auernheimer actually did.]" Then he compared it to blowing up a nuclear power-plant. Read the rest

Exposing public corporate cock-ups is not "hacking"

Here's Ryan Tate, the first writer to cover AT&T's massive iPad data leak, on the "hacking" conviction of Andrew “Weev” Auernheimer for exposing it in the first place: "The scapegoating of Auernheimer is revolting for two reasons. One, it lets AT&T off the hook for exposing sensitive information to public view, shifting the blame onto those who reported the slip-up, and discouraging future disclosure. Two, the jailing of Auernheimer criminalizes the act of fetching openly available data over the web." Previously. Read the rest

Weev sentenced to 41 months for exposing AT&T security flaw

Andrew 'weev' Auernheimer was sentenced today to 41 months in prison for figuring out a security flaw in AT&T's website, writes Matt Brian. The "hack", which exposed iPad users' email addresses, involved entering serial numbers into a publicly-accessible web form. While one journalist lamented that prosecutors "admitted they didn't understand computers", court documents also showed that Auernheimer had entertained the idea of using the info for a phishing trip. He also said stupid things on Reddit last night to encourage maximal outcomes, as is his wont. [Verge] Read the rest

Weev convicted: court finds "iPad hacker" guilty of breaching AT&T site

Andrew "Weev" Auernheimer, the 26-year-old "iPad hacker" charged with federal crimes for obtaining personal data of more than 100,000 iPad owners from AT&T’s website was found guilty on Tuesday in federal court in New Jersey. The court convicted him in one count of identity fraud and one count of conspiracy to access a computer without authorization. Kim Zetter in Wired has the details. Weev tweeted that he plans to appeal. Read the rest