An American court has just sentenced a 'grey hat' computer hacker who exposed corporate security flaws to more jail time than another court sentenced a group of rapists.
Andrew Auernheimer, aka 'Weev', got three and a half years, more time than two teenagers just found guilty of infamously raping a girl in Steubenville, Ohio.
Auernheimer's prosecution was vicious. That he went after the failings of telecom firm AT&T was used against him, was the reason to demand a long prison term.
Auernheimer likened his actions to walking down the street and writing down the physical addresses of buildings, only to be charged with identity theft. He later sent an e-mail to the U.S. attorney’s office in New Jersey, blaming AT&T for exposing customer data, authorities say.'Tarnishing' corporate reputation is the real reason this guy is in jail. Apparently, the guy is a troll and a bit of a pain, a "discordian .. into throwing apples .. a right mouthy bastard". Is that why America threw him in jail?
“AT&T needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers, over the rights of shareholders,” he wrote, according to prosecutors. ”I advise you to discuss this matter with your family, your friends, victims of crimes you have prosecuted, and your teachers for they are the people who would have been harmed had AT&T been allowed to silently bury their negligent endangerment of United States infrastructure.”
But prosecutors say his interest went beyond concern about the security of customer data.
According to the criminal complaint, a confidential informant helped federal authorities make their case against the two defendants by providing them with 150 pages of chat logs from an IRC channel where, prosecutors said, Spitler and Auernheimer admitted conducting the breach to tarnish AT&T’s reputation and promote themselves and Goatse Security.
John Koetsier explains how what the illegality of what Auernheimer did to expose the security flaw makes everyone a potential criminal.
You could be charged with unauthorized access to a computerized device, for instance, simply because you clicked on the link that brought you to this article. Oh, and Google, one of the most successful corporations in the world, is the root of all evil. A Get request is simply a note from a browser computer code asking for a resource. You issue thousands of them every day all by yourself. Google issues billions.There's a lot of anger from the kidz. Writes Asher Wolf:
Whether the receiving server responds to that request in any way, shape, or form is entirely at the discretion of the developers and system administrators who control that server.
The CFAA [relevant US law] does not define the phrase “unauthorized access,” so according to Auernheimer, the government essentially told the jury that his access to the server was unauthorized because they said it was. Which, if true, means that whether you commit a legal act or an illegal act is at the discretion of anyone who runs a webserver, who can change their mind at any time without you knowing.
Good luck following the straight and narrow.
Putting Weev behind bars is pointless and tragic. Jailing the most outspoken men and women amongst our generation won’t stop the leaks, the hacks, the news revelations, the whistleblowers – and most of all it won’t stop the rage of the malcontent, dispossessed youth from eventually tumbling down upon the heads of the bureaucrats who sold us out and then tried to lock us up when we complained.
.. they can’t shut us all up. Fuck ‘em.