Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Security The Courts

Security Researchers Submit Brief For Andrew "Weev" Auernheimer 161

Posted by samzenpus from the helping-a-hacker-out dept.
USSJoin writes "Andrew Auernheimer (or Weev, as he's often better known) is serving a 41-month sentence under the Computer Fraud and Abuse Act. The case is currently on appeal to the Third Circuit Court of Appeals; his lawyer filed the appellate brief last week. Now, a group of 13 security researchers, led by Meredith Patterson, and including include Peiter "Mudge" Zatko, Space Rogue, Jericho, Shane MacDougall, and Dan Kaminsky, are making their own thoughts heard by the court. They are submitting a brief to the Third Circuit Court of Appeals that argues that not only is Weev's conviction bad law, but if upheld, it will destroy independent security research, and perhaps the rest of consumer safety research as well."
This discussion has been archived. No new comments can be posted.

Security Researchers Submit Brief For Andrew "Weev" Auernheimer More

Security Researchers Submit Brief For Andrew "Weev" Auernheimer

Comments Filter:

  • Re:LOL (Score:5, Interesting)

    by sideslash ( 1865434 ) on Monday July 08, 2013 @10:19AM (#44215553)
    If you read those comments in a hostile light, then sure, then it looks like he's up to no good. But just from those snippets, it's ambiguous. As far as the phishing thing, how the heck do you think a security researcher would describe the importance of a vulnerability discovery? It appears that Weev had no intent to use the data maliciously, he just exposed AT&T's wrongdoing to the world. Do you have any evidence otherwise?

  • Re:LOL (Score:4, Interesting)

    by thoriumbr ( 1152281 ) on Monday July 08, 2013 @10:20AM (#44215557) Homepage
    No, Weev is not an independent security researcher, he is a troll. BUT he used the same tools the researchers uses. It's like passing a law outlawing the use of lockpicks. Surely all thieves would be affected, but it would affect locksmiths too.
    If Weev loses the appeal, the traffic on full-disclosure mailing list will drop a lot. If I discover a bug on Paypal website that allows anyone to access a third party's account, and I inform Paypal, I would be guilty.
    Even Weev being a troll and thinking on making profits over the AT&T mistake, the problem is shifting the blame for exposing the innocent victims from AT&T to Weev. The way this is going, looks like AT&T did everything right, responsible, blameless, and a evil hacker with super-human powers hacked their NSA-grade secured servers and stole the data, when what really happened was that AT&T didn't even bothered to protect the data in any way.

  • Re:Sorry (Score:4, Interesting)

    by thoriumbr ( 1152281 ) on Monday July 08, 2013 @10:30AM (#44215681) Homepage
    Let's pretend you have a million bucks on some bank (do you have, don't you?). The bank says it will protect your money with their lives, and everything is secure. Someday you hear that one researcher (or troll, or terrorist) went to the parking next to the bank, started a sniffer, and discovered that your bank uses unencrypted WIFI networks, so he added a private IP address to its network card and could access all bank servers and read data from any account.
    Who would you blame? The bank or the guy?

    I still think that Weev is not a saint, but AT&T is to be blamed here. AT&T had to get a hefty fine for gross negligence, putting hundreds of thousands of customers in danger. Weev must be fined too, but serving 41 months of jail time is too much, IMHO.

Slashdot Top Deals

The one day you'd sell your soul for something, souls are a glut.

Close