If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Opposing Views)   Guy who was sentenced to 41 months in jail for gathering the email addresses of 114,000 iPad users and giving them to Gawker looks exactly the way you'd expect him to   (opposingviews.com) divider line 66
    More: Misc, Andrew Auernheimer, Gawker, iPads, e-mail address, Aaron Swartz, computer fraud, jail, users  
•       •       •

9349 clicks; posted to Main » on 03 Jul 2013 at 5:00 PM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



66 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread

First | « | 1 | 2 | » | Last | Show all
 
2013-07-03 03:41:12 PM  
Auernheimer was convicted under the Computer Fraud and Abuse Act, a 1986 law that prohibits anyone from accessing a website without authorization.

But he didn't access the page without authorization:

Andrew Auernheimer is appealing a conviction that could land him in jail until 2016. His crime: accessing a public page on the AT&T website and gathering the email addresses of 114,000 iPad 3G users in 2009.

Basically, he went from something like:

att.com/login and modified the URL to:

att.com/login/all_our_customers_unsecured_passwords_because_we're_dum b asses.htm

Which was on an unsecured page, whose existence on the Internet is undeniably public. It wasn't encrypted. He didn't have to log in. That's totally AT&T's fault.
 
2013-07-03 04:01:15 PM  
Thought a little more . . .

The word "authorization" meant something very different back in 1986 (when this law was written) with regards to computer systems. Back then, computer networks were used almost exclusively by the military and academia, so if you weren't a member of either group, you would by definition be accessing the network without permission and almost certainly be up to no good.

This trial is really about the inappropriate application of an archaic law to cover up AT&T's incompetence in securing their customer's private information.
 
2013-07-03 04:51:06 PM  

NutWrench: Thought a little more . . .

The word "authorization" meant something very different back in 1986 (when this law was written) with regards to computer systems. Back then, computer networks were used almost exclusively by the military and academia, so if you weren't a member of either group, you would by definition be accessing the network without permission and almost certainly be up to no good.

This trial is really about the inappropriate application of an archaic law to cover up AT&T's incompetence in securing their customer's private information.


Now I wonder what you look like.
 
2013-07-03 04:54:54 PM  
Auernheimer was convicted under the Computer Fraud and Abuse Act, a 1986 law that prohibits anyone from accessing a website without authorization

I haven't been authorized to post here.  Come and get me, coppers!
 
2013-07-03 04:58:19 PM  
Sometimes when I encounter a dead link I'll slowly backtrack the URL until I find a response, then try to to figure out where the page or file has been relocated.

Am I going to jail now?
 
2013-07-03 04:59:55 PM  
He looks like Baruch Goldstein.
 
2013-07-03 05:00:32 PM  
Let's see...  Glasses, crazy neck beard, fat.
*clicks link*
Hmm.  Pretty close!
 
2013-07-03 05:04:35 PM  
Adele really let herself go
 
2013-07-03 05:07:14 PM  
Hmm,
I expected him to look more like this:
www.robotvsbadger.com
 
2013-07-03 05:07:42 PM  
He should've gotten a job with the NSA first.
 
2013-07-03 05:08:57 PM  
What's his fark login name?
 
2013-07-03 05:10:58 PM  

Honest Bender: Let's see...  Glasses, crazy neck beard, fat.
*clicks link*
Hmm.  Pretty close!


I pictured Kevin Smith. I think we both win.
 
2013-07-03 05:19:35 PM  
The government does far, far worse than this.
 
2013-07-03 05:25:47 PM  
So it looks like the guys shilling Snorg tees?
 
2013-07-03 05:28:09 PM  
is this kinda like back in the day when all the porn clips were numbered sequentially so you just typed in the next number with the rest of the url to get the next clip and then once you downloaded them all you used a joiner to string them all together?

I miss the 90's. It was so much fun figuring out this Internet thing. I haven't watched porn online in a long time though. It's been two whole days. Being a grown up sucks.
 
2013-07-03 05:38:15 PM  

Honest Bender: Let's see...  Glasses, crazy neck beard, fat.
*clicks link*
Hmm.  Pretty close!


Agreed, expected a little more greasy Ain't It Cool News guyness myself, but close.
 
2013-07-03 05:38:39 PM  

Diogenes: Sometimes when I encounter a dead link I'll slowly backtrack the URL until I find a response, then try to to figure out where the page or file has been relocated.

Am I going to jail now?


Are you going to grab data and hand it over to Gawker?

That's the real issue here. If he was a responsible security guy he'd let AT&T know about the problem before going all HAHA guy and releasing the data without giving them a chance to fix their problem.

He's a douche.
 
2013-07-03 05:41:54 PM  

The more you eat the more you fart: The more you fart the better you feel. So eat some beans with every meal!


Always wanted to do that.

/I'll leave y'all to your nerd talk now.
 
2013-07-03 05:42:20 PM  

NutWrench: Auernheimer was convicted under the Computer Fraud and Abuse Act, a 1986 law that prohibits anyone from accessing a website without authorization.

But he didn't access the page without authorization:

Andrew Auernheimer is appealing a conviction that could land him in jail until 2016. His crime: accessing a public page on the AT&T website and gathering the email addresses of 114,000 iPad 3G users in 2009.

Basically, he went from something like:

att.com/login and modified the URL to:

att.com/login/all_our_customers_unsecured_passwords_because_we're_dum b asses.htm

Which was on an unsecured page, whose existence on the Internet is undeniably public. It wasn't encrypted. He didn't have to log in. That's totally AT&T's fault.


That's like a guy passing by a car and seeing that the keys were in  the ignition, decided to drive off with it because the owner was careless.
 
2013-07-03 05:43:53 PM  

NutWrench: Auernheimer was convicted under the Computer Fraud and Abuse Act, a 1986 law that prohibits anyone from accessing a website without authorization.

But he didn't access the page without authorization:

Andrew Auernheimer is appealing a conviction that could land him in jail until 2016. His crime: accessing a public page on the AT&T website and gathering the email addresses of 114,000 iPad 3G users in 2009.

Basically, he went from something like:

att.com/login and modified the URL to:

att.com/login/all_our_customers_unsecured_passwords_because_we're_dum b asses.htm

Which was on an unsecured page, whose existence on the Internet is undeniably public. It wasn't encrypted. He didn't have to log in. That's totally AT&T's fault.


But he had to guess the "all_our_customer..." part, right?
No different than if he had to guess what a login and the password was.

So that page was only accessible if you knew the non-public information - just like a password protected page
(yes, I know, passwords are harder to guess)
 
2013-07-03 05:44:58 PM  
img.photobucket.com
img.photobucket.com
Jim James?
 
2013-07-03 05:45:15 PM  

KidneyStone: Diogenes: Sometimes when I encounter a dead link I'll slowly backtrack the URL until I find a response, then try to to figure out where the page or file has been relocated.

Am I going to jail now?

Are you going to grab data and hand it over to Gawker?

That's the real issue here. If he was a responsible security guy he'd let AT&T know about the problem before going all HAHA guy and releasing the data without giving them a chance to fix their problem.

He's a douche.


This.  He released all those e-mails to a third party and who knows what that third party will do ,with all this info.  He farked thsoe customers just as much as AT&T did.
 
2013-07-03 05:47:33 PM  

Latinwolf: KidneyStone: Diogenes: Sometimes when I encounter a dead link I'll slowly backtrack the URL until I find a response, then try to to figure out where the page or file has been relocated.

Am I going to jail now?

Are you going to grab data and hand it over to Gawker?

That's the real issue here. If he was a responsible security guy he'd let AT&T know about the problem before going all HAHA guy and releasing the data without giving them a chance to fix their problem.

He's a douche.

This.  He released all those e-mails to a third party and who knows what that third party will do ,with all this info.  He farked thsoe customers just as much as AT&T did.


the difference is he willfully farked the customers and AT&T.  AT&T did not.
 
2013-07-03 05:51:59 PM  
Latinwolf:
That's like a guy passing by a car and seeing that the keys were in  the ignition, decided to drive off with it because the owner was careless.

No, sorry. What he did was like going up to a public bulletin board and copying down information publically posted.

Your example includes: "Breaking societal norms" "Theft" "Depriving someone of something they own and do not wish you to have"

What actually happened:
"Weev: May I have some customer information? Customer #12345 please"
"ATT: Sure, you can get it from att.com/customer/12345.html"

-hmmm-

"Weev: Hey, can I have some customer information? Customer #12346 please"
 "ATT: Sure, you can get it from att.com/customer/123456.htm"

The way the web works is you ask a web server to give you a resource. The web server can accept, deny, redirect, or ask for authentication. All he did was ask (which you're doing right now, visiting this page) and it was delivered to him. They made no attempt to prevent anyone from seeing anything.

Tell you what. Do a google search for "Index Of:" -- with the quotes. Those are servers that are configured to show directory contents by default. Are you accessing them without authorization just by going to them?

I'm the first guy to admit that the way Auernheimer acted in court makes him a total asshole, but the point remains you shouldn't be in jail for being an asshole, you have to actually break the law. Right?
 
2013-07-03 06:01:54 PM  

Kraln: The way the web works is you ask a web server to give you a resource. The web server can accept, deny, redirect, or ask for authentication. All he did was ask (which you're doing right now, visiting this page) and it was delivered to him. They made no attempt to prevent anyone from seeing anything.


Sure.  But you have to guess what the URL is to give you a resource.  Just like you have to guess what a password.

As far as societal norms, the internet norms are not that you keep guessing what the URL is of each page you want to visit.
There is usually a main page (like fark or att) and then these things called links that take you to other pages of the website.
Just like stealing the car analogy, guessing that www.fark.com/drews secret section/12345 would return a page does not mean that it was intended that everyone access that page.
 
2013-07-03 06:03:00 PM  

Diogenes: Sometimes when I encounter a dead link I'll slowly backtrack the URL until I find a response, then try to to figure out where the page or file has been relocated.


And in doing so you are merely making use of the information the full (non-working) URL provides. Changing numbers randomly* (for example) in http://...73649320.htm to see what other files you can find is a bit different.**

KidneyStone: If he was a responsible security guy he'd let AT&T know about the problem before going all HAHA guy and releasing the data without giving them a chance to fix their problem.


Also, ^this.

*going with his "I'm going to prison for arithmetic" defense
**ignoring for the moment the issue of the archaic law; just approaching your specific
 
2013-07-03 06:03:23 PM  
Just a piece of advice to any young "hackers" out there.

Many years ago, as a young CS student, I happened upon a security hole in a popular operating system. A pretty *big* hole... astronomical to say the least (it's probably still there if you get bored).

I considered my options and the possible outcomes:
1. Do something nefarious with this knowledge. -Could lead to my arrest, could lead to me going to prison (that's out)
2. Report this information to the authorities. -Could lead to my arrest, could lead to me going to prison (that's out - remember the whole don't trust cops thing. Nothing *good* like you see in the movies will happen to you)
3. Sit back and pretend I saw nothing. -Could lead to me feeling self satisfied, and confident in my abilities as a programmer/hacker and if I felt like it, I always have to power to do something else with it later.

For those of you not in CS, consider it like this. You just walked past a door that's open with a ton of cash on a table and no one in sight... you've done nothing wrong by looking, but if *one dollar* shows up missing, good luck saying you weren't the guy who took it if you linger around too long.

I chose 3.

Choose wisely.

Telling people about it never works out well unless you have a ton of money and a team of good lawyers and politicians on your side.
 
2013-07-03 06:07:34 PM  

Kraln: No, sorry. What he did was like going up to a public bulletin board and copying down information publically posted.

[snip]

The way the web works is you ask a web server to give you a resource. The web server can accept, deny, redirect, or ask for authentication. All he did was ask (which you're doing right now, visiting this page) and it was delivered to him. They made no attempt to prevent anyone from seeing anything.


They don't need to. According to the law, anyway (or at least that's what's being argued). The point is that despite the fact that if he asked the information would be given to him freely, he wasn't supposed to be asking in the first place since the information he was requesting wasn't his to request.

Plus he's a douche for going public like he did. So there's that.
 
2013-07-03 06:14:30 PM  
tenpoundsofcheese:
Sure.  But you have to guess what the URL is to give you a resource.  Just like you have to guess what a password.

What part of 'publicly available' do you not understand? Let me break it down for you.

You establish a TCP connection on port 80 to a server (that is listening, by the way.)

GET /path/file.html HTTP/1.0
From: someuse­r[nospam-﹫-backwards]l­l­ahsramj­*co­m
User-Agent: HTTPTool/1.0
[blank line here]


the server can respond many different ways, but in this case:

HTTP/1.0 200 OK
Date: Fri, 31 Dec 1999 23:59:59 GMT
Content-Type: text/html
Content-Length: 1354


That HTTP 200 OK? That's like saying "Sure, here's whatever you asked for". URLs don't have to map to things like files or objects, they map to resources. The world wide web works by people requesting information from a server, and getting back a response.

If you happened to guess that my website might be 'kraln.com', and I maybe had some personal information on there (I do), and you went to your browser and said "hmm, let me try kraln.com", and you connected to my server, and my server handed you the information, how would you consider that to be unauthorized access? Because it was personal information? Because you guessed the URL? Because I say-so afterwords?

That's completely inane and you know it.
 
2013-07-03 06:16:23 PM  

NutWrench: Auernheimer was convicted under the Computer Fraud and Abuse Act, a 1986 law that prohibits anyone from accessing a website without authorization.

But he didn't access the page without authorization:

Andrew Auernheimer is appealing a conviction that could land him in jail until 2016. His crime: accessing a public page on the AT&T website and gathering the email addresses of 114,000 iPad 3G users in 2009.

Basically, he went from something like:

att.com/login and modified the URL to:

att.com/login/all_our_customers_unsecured_passwords_because_we're_dum b asses.htm

Which was on an unsecured page, whose existence on the Internet is undeniably public. It wasn't encrypted. He didn't have to log in. That's totally AT&T's fault.


That's like the car thief that claims it's totally the owner's fault for leaving the keys in the ignition... Guess who's still going to prison even though the owner didn't secure his vehicle very well?
 
2013-07-03 06:19:01 PM  
"I'm going to prison for arithmetic," he said.
You keep tellin' yourself that bub.
 
2013-07-03 06:19:19 PM  
NutWrench:

This trial is really about the inappropriate application of an archaic law to cover up AT&T's incompetence in securing their customer's private information.

I agree with you on this point. The law is archaic. The difficulty is that under this archaic law there is a good case that he is indeed guilty of the crime with which he was charged. After all, a prosecutor took it to court, a jury agreed, and the judge...it is worth noting...gave him the maximum possible sentence for which he was eligible. So are all those people just plain crazy? Was there a mass hallucination that happened in that courtroom?  I have read through all the material in the case and personally I find the substantive claim that he is innocent damn unconvincing. There is a lot of jaw jaw about what people wish the law said or what they think it should have said as opposed to what it actually says. But there is, at a minimum, a plausible case that he is guilty and I would be inclined--if that were the only problem with this case--to side against him.
 
2013-07-03 06:19:32 PM  
ArcadianRefugee: 
They don't need to. According to the law, anyway (or at least that's what's being argued). The point is that despite the fact that if he asked the information would be given to him freely, he wasn't supposed to be asking in the first place since the information he was requesting wasn't his to request.

Imagine there's a secret book at a library. It's in the card catalog, but not on the shelf. No one is supposed to know about the book but its author. You notice there's a hole in the shelf, and curiosity brings you to look at the card catalog. Then, you ask the librarian about the book. He gets it for you, you read a bit of it, then give it back.

Later, the police come to your house and arrest you. You weren't supposed to read the book, you weren't supposed to ask for it, the librarian wasn't supposed to give it to you!

If I call your bank and ask for your bank account information, and they give it to me, and then I go to a newspaper to tell them that your bank is giving out your account information, suddenly I belong in jail for asking for it?


Plus he's a douche for going public like he did. So there's that.

He's totally a douche. That's also not a reason for jail time.
 
2013-07-03 06:19:41 PM  
Stick with the V for Vendetta masks, guys
 
2013-07-03 06:21:56 PM  
Z1P2: 
That's like the car thief that claims it's totally the owner's fault for leaving the keys in the ignition... Guess who's still going to prison even though the owner didn't secure his vehicle very well?

False/bad example. Nothing was stolen, and no theft or deprivation occurred.  A better one would be asking the dealership for the keys to everyone's car that was sold in the past month, and then giving the keys to the local paper with a note saying that the dealership is just giving anyone keys that asks for them.
 
2013-07-03 06:24:29 PM  
How to stay out of prison:

1. Do not access data that is not yours.

2. Do not poke and prod a server that is not yours.

3. Do not release on pass on any data that is not yours.

4. Do not fark with AT&T
 
2013-07-03 06:29:40 PM  

Kraln: Latinwolf:
That's like a guy passing by a car and seeing that the keys were in  the ignition, decided to drive off with it because the owner was careless.

No, sorry. What he did was like going up to a public bulletin board and copying down information publically posted.

Your example includes: "Breaking societal norms" "Theft" "Depriving someone of something they own and do not wish you to have"

What actually happened:
"Weev: May I have some customer information? Customer #12345 please"
"ATT: Sure, you can get it from att.com/customer/12345.html"

-hmmm-

"Weev: Hey, can I have some customer information? Customer #12346 please"
 "ATT: Sure, you can get it from att.com/customer/123456.htm"

The way the web works is you ask a web server to give you a resource. The web server can accept, deny, redirect, or ask for authentication. All he did was ask (which you're doing right now, visiting this page) and it was delivered to him. They made no attempt to prevent anyone from seeing anything.

Tell you what. Do a google search for "Index Of:" -- with the quotes. Those are servers that are configured to show directory contents by default. Are you accessing them without authorization just by going to them?

I'm the first guy to admit that the way Auernheimer acted in court makes him a total asshole, but the point remains you shouldn't be in jail for being an asshole, you have to actually break the law. Right?


So with that belief you also agree Zimmerman shouldn't be on trial right now, correct?
 
2013-07-03 06:34:54 PM  

Z1P2: .

That's like the car thief that claims it's totally the owner's fault for leaving the keys in the ignition... Guess who's still going to prison even though the owner didn't secure his vehicle very well?


This is the correct framework. The ultimate issue is one of power and control. The vision of the law is that it is the website owner who has power and control as to what happens on their website not the end user. I comprehend why a lot of people think this vision is archaic and cuts against the grain of internet freedom and hacker culture and I would personally support a change in the law. But the law is what it is. And if one accepts that the website owner is the person who has power and control then it isn't such a huge leap to say that he went against ATT's wishes and hence is guilty of a crime.
 
2013-07-03 06:48:04 PM  

worlddan: NutWrench:

This trial is really about the inappropriate application of an archaic law to cover up AT&T's incompetence in securing their customer's private information.

I agree with you on this point. The law is archaic. The difficulty is that under this archaic law there is a good case that he is indeed guilty of the crime with which he was charged. After all, a prosecutor took it to court, a jury agreed, and the judge...it is worth noting...gave him the maximum possible sentence for which he was eligible. So are all those people just plain crazy? Was there a mass hallucination that happened in that courtroom?  I have read through all the material in the case and personally I find the substantive claim that he is innocent damn unconvincing. There is a lot of jaw jaw about what people wish the law said or what they think it should have said as opposed to what it actually says. But there is, at a minimum, a plausible case that he is guilty and I would be inclined--if that were the only problem with this case--to side against him.


I guess the defense did a lousy job of arguing the difference between public and private URLs. I find it unsettling that AT&T was able to successfully argue that access to a public, unencrypted part of their database was an "unauthorized access." It's the difference between locking your personal info safely away inside your house and spray painting it on the outside walls for anyone to see. I think letting that argument stand sets a bad precedent and opens up a whole can of legal fark.
 
2013-07-03 06:57:18 PM  
NutWrench:

I guess the defense did a lousy job of arguing the difference between public and private URLs. I find it unsettling that AT&T was able to successfully argue that access to a public, unencrypted part of their database was an "unauthorized access."

Interestingly, people from ATT testified for BOTH the prosecution and the defense. So it's difficult for me to say that the defense did a bad job since they had people from the same company testifying on their behalf as the prosecution. Besides, all lawyers were from EFF and none of them are stupid or incompetent. I think the better understanding is that the jury did what juries do: weigh the evidence and render a judgement. That might not be the same judgement you or I would render but that is the way our system works.
 
2013-07-03 07:01:15 PM  

Kraln: Z1P2: 
That's like the car thief that claims it's totally the owner's fault for leaving the keys in the ignition... Guess who's still going to prison even though the owner didn't secure his vehicle very well?

False/bad example. Nothing was stolen, and no theft or deprivation occurred.  A better one would be asking the dealership for the keys to everyone's car that was sold in the past month, and then giving the keys to the local paper with a note saying that the dealership is just giving anyone keys that asks for them.



So if you leave your house unlocked, it's totally fine for me to saunter in and poke through all your stuff?
 
2013-07-03 07:10:37 PM  

Kraln: Imagine there's a secret book at a library. It's in the card catalog, but not on the shelf. No one is supposed to know about the book but its author. You notice there's a hole in the shelf, and curiosity brings you to look at the card catalog. Then, you ask the librarian about the book. He gets it for you, you read a bit of it, then give it back.

Later, the police come to your house and arrest you. You weren't supposed to read the book, you weren't supposed to ask for it, the librarian wasn't supposed to give it to you!


None of that, sadly.

Your example fixed: He went shelf to shelf, sliding all the books firmly to the left to see how much empty room remained on each shelf to see if there were missing books. Then he went to the card catalog to find which books were on the shelf and deduced the names of the missing books, then requested them.

A bit overblown, perhaps (only because there is no math!) but point is: no. He isn't all innocent. He didn't trip over some piece of information -- unless he was at the top of some immense stairwell and tripped 114,000 times. He knew exactly what he was doing.

Another example!

You're at work. There's a table with boxes of envelopes. Each envelope has written on it a person's name (including your own). They are in alphabetical order. In each is some information for that person. Everyone knows where this room is, where the table is, and that there is a box of envelopes upon it. Everyone is told, "Go to the Envelope Room, find your envelope, and read the information I have left for you."

You go to the room, find your envelope, and notice that it is unsealed. Curious, you check the next one and it too is unsealed. And the next. And the next. At this point, you've pretty much figured out that the idiot who set this up didn't seal any of the envelopes. But, instead of just reading the contents of yours and then informing your boss of this oversight, you instead continue to open each envelope, one by one, and read its contents. Oh, and then you tell your friends, who don't work there, everything you've read.


Point: none of that information was intended for you (him), save for one. He knew they weren't intended for him but went ahead and not only read the information, but then shared it with some outsider.

I keep my house locked because I don't want some dickhead coming in and taking my shiat. But you know what? it's understood that, even if I leave my door unlocked, people still aren't allowed to come in and take my shiat. If they do, it's a crime, locked door or no.

/dealing with your insurance company may be another matter entirely
 
2013-07-03 07:14:50 PM  
I was expecting more like this:

www.lossofprivacy.com
 
2013-07-03 07:24:11 PM  
Well not EXACTLY but very, very close.
i41.tinypic.com
 
2013-07-03 07:30:33 PM  

Gabrielmot: Just a piece of advice to any young "hackers" out there.

Many years ago, as a young CS student, I happened upon a security hole in a popular operating system. A pretty *big* hole... astronomical to say the least (it's probably still there if you get bored).

I considered my options and the possible outcomes:
1. Do something nefarious with this knowledge. -Could lead to my arrest, could lead to me going to prison (that's out)
2. Report this information to the authorities. -Could lead to my arrest, could lead to me going to prison (that's out - remember the whole don't trust cops thing. Nothing *good* like you see in the movies will happen to you)
3. Sit back and pretend I saw nothing. -Could lead to me feeling self satisfied, and confident in my abilities as a programmer/hacker and if I felt like it, I always have to power to do something else with it later.

For those of you not in CS, consider it like this. You just walked past a door that's open with a ton of cash on a table and no one in sight... you've done nothing wrong by looking, but if *one dollar* shows up missing, good luck saying you weren't the guy who took it if you linger around too long.

I chose 3.

Choose wisely.

Telling people about it never works out well unless you have a ton of money and a team of good lawyers and politicians on your side.


But if you choose 3 then you can't be kwel among the internet nerds.
 
2013-07-03 07:43:39 PM  

Ebenator: [img.photobucket.com image 301x251]
[img.photobucket.com image 480x319]
Jim James?


OMG he looks like some other guy kind of I better post it on fark so my peers no how perspective I am!11
 
2013-07-03 08:05:52 PM  
No posts yet of the 2008 article where he's pictured without a beard? I remember thinking in 2008, "this guy looks exactly like I expect." And I vaguely remember that there may even have been a Fark headline to that effect too. So yeah, he still looks like we expect.

The CFAA is horribly vague. I support his appeal, no matter how much of a dick he is.
 
2013-07-03 08:25:17 PM  
I was expecting this;

cdn.nextround.net
 
2013-07-03 08:35:06 PM  
FrancoFile:
So if you leave your house unlocked, it's totally fine for me to saunter in and poke through all your stuff?

Still missing the point. AT&T was doing exactly what webservers do all the time.This isn't an unlocked house, this is going on a picture safari at a zoo, and then the zoo later claiming you were only allowed to take pictures of the lions.

ArcadianRefugee:
I keep my house locked because I don't want some dickhead coming in and taking my shiat. But you know what? it's understood that, even if I leave my door unlocked,people still aren't allowed to come in and take my shiat. If they do, it's a crime, locked door or no.

I know you guys really like this unlocked door example, but that's just simply not relevant to the facts at hand. If I ask you for something, and you give it to me, then later decide you shouldn't have given it to me, why should I be in jail for asking?
 
2013-07-03 08:37:32 PM  

KidneyStone: Diogenes: Sometimes when I encounter a dead link I'll slowly backtrack the URL until I find a response, then try to to figure out where the page or file has been relocated.

Am I going to jail now?

Are you going to grab data and hand it over to Gawker?

That's the real issue here. If he was a responsible security guy he'd let AT&T know about the problem before going all HAHA guy and releasing the data without giving them a chance to fix their problem.

He's a douche.


So much this. AT&T may have farked up, but this d-bag went and made a potential security issue INTO a security issue. I hope he gets the full sentence and associated fine. "Well, I was able to do it so it should be legal!!11" is not a defense.
 
Displayed 50 of 66 comments

First | « | 1 | 2 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
On Twitter





In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report