Feeds

AT&T iPad 'hacker' breaks gag order to rant at cops

Double standards damned by purported scapegoatse

High performance access to file storage

A member of the group that publicised the recent AT&T iPad security breach has violated a gag order to protest his treatment by the authorities.

Andrew Auernheimer, 24 (aka Weev), claims he has been thrown into a Kafkaesque nightmare after he helped publicise an AT&T/iPad security flaw that left 114,000 private email addresses publicly accessible. Days later Auernheimer was arrested after police found drugs including LSD and ecstasy during a search of his home.

Auernheimer, a member of the Goatse Security grey-hat hacker group, has broken a gag order to protest that his civil liberties have been violated, in part because he was refused a public defence lawyer. In a long and angry post, Auernheimer criticises the authorities for treating the iPad security breach case as a higher priority for prosecution than other similar cases.

The author of the iPad slurper script automated the process of collecting the email addresses and mobile phone numbers of early adopters, including public figures. Goatse Security claims it helped publicise the breach without taking part in the "hack" itself.

Goatse said a law firm used the same technique to extract data from the Anthem/Blue Cross insurance company but it, unlike Goatse, has escaped police attention. A security researcher who discovered a security flaw involving Foursquare also used similar techniques but again escaped sanction.

Auernheimer reckons Goatse has been made a special case because it publicised the security failings of two powerful corporations, Apple and AT&T.

"My actions and those of Goatse were not criminal; they were done using industry standard practices as a public service," Auernheimer writes. "All the actions of the original author of this exploit were not criminal. Scraping data from a public web server is an extremely common practice amongst lawyers, security researchers and journalists, not to mention web developers."

Auernheimer goes on to dispute the legality of the search of his home and to argue (at some length but with less coherence) that his case is important to civil liberties and free speech on the internet. He wants to inspire a grassroots campaign of letter writing to politicians about his case.

He also wants supporters reading his Hypocrites and pharisees post to send donations in support of a legal fund. ®

SANS - Survey on application security programs

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T dangles gigabit broadband plans over 100 US cities
So soon after a mulled Google Fiber expansion, fancy that
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
Turnbull gave NBN Co NO RULES to plan blackspot upgrades
NBN Co faces huge future Telstra bills and reduces fibre footprint
NBN Co plans fibre-to-the-basement blitz to beat cherry-pickers
Heading off at the pass operation given same priority as blackspot fixing
NBN Co in 'broadband kit we tested worked' STUNNER
Announcement of VDSL trial is not proof of concept for fibre-to-the-node
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.