Weev exposed a security flaw in AT&T's website and obtained the personal data of more than 100,000 iPad users. He was charged with violating the Computer Fraud and Abuse Act (CFAA), and sentenced to three and a half years in prison. Today's ruling says prosecutors did not have the right to charge him in a state where none of the alleged crimes occurred.
I don’t even understand what [Auernheimer actually did.]" Then he compared it to blowing up a nuclear power-plant. — Cory • 33
Here's Ryan Tate, the first writer to cover AT&T's massive iPad data leak, on the "hacking" conviction of Andrew “Weev” Auernheimer for exposing it in the first place: "The scapegoating of Auernheimer is revolting for two reasons. One, it lets AT&T off the hook for exposing sensitive information to public view, shifting the blame onto those who reported the slip-up, and discouraging future disclosure. Two, the jailing of Auernheimer criminalizes the act of fetching openly available data over the web." Previously.
Andrew 'weev' Auernheimer was sentenced today to 41 months in prison for figuring out a security flaw in AT&T's website, writes Matt Brian. The "hack", which exposed iPad users' email addresses, involved entering serial numbers into a publicly-accessible web form. While one journalist lamented that prosecutors "admitted they didn't understand computers", court documents also showed that Auernheimer had entertained the idea of using the info for a phishing trip. He also said stupid things on Reddit last night to encourage maximal outcomes, as is his wont. [Verge]
Andrew "Weev" Auernheimer, the 26-year-old "iPad hacker" charged with federal crimes for obtaining personal data of more than 100,000 iPad owners from AT&T’s website was found guilty on Tuesday in federal court in New Jersey. The court convicted him in one count of identity fraud and one count of conspiracy to access a computer without authorization. Kim Zetter in Wired has the details. Weev tweeted that he plans to appeal.