Expose A Blatant Security Hole In AT&T's Servers, Get 3.5 Years In Jailby Mike Masnick
Mar. 19, 2013
1."That's Not True" BBC Host Hangs Up On Guest for Citing Rotherham Muslim Rape Scandal
2.Trump Rips Bill Kristol: "All The Guy Wants to do is Kill People and Go to War"
3.VIDEO: Telemundo Busted Staging Shot at Anti-Trump Protest
4.Gary Johnson's Plan to Beat Trump: 'Call Him Racist'
5.Migrants Thank 89-Yr-Old Austrian Man Who Gave Them Euros by Robbing Him
6.Desperation: Brexit Ballot "How to Vote" Guide Instructs Brits to Vote to Stay in EU
7.Crazed Liberal Shows How Tolerant She Is By Hitting Preacher In Head With Baseball Bat
8.Desecration: Memorials For US War Dead Vandalized, Destroyed & Looted All Over US
We've written a few times about the case of Andrew Auernheimer, perhaps better known as weev. While he has a bit of a reputation as an online troll, and self-admitted jerk, his case is yet another example of how ridiculously broken the CFAA (Computer Fraud and Abuse Act) remains. In this case, what he did was expose a pretty blatant security hole in AT&T's servers, that allowed anyone to go in and find the emails of any AT&T iPad owner, merely by incrementing the user ID. This isn't a malicious "hack." It's barely a "hack" at all. This isn't "breaking in." This is just exploring a totally broken system. To call attention to this, weev collected information on a bunch of famous folks who had iPads and alerted the press. This is what security folks do all the time. And for his troubles in helping AT&T discover and close a pretty bad security hole, he's been sentenced to 41 months in prison plus he has to pay $73,000 to AT&T. One hopes AT&T will use it to hire half a decent security person or something.