AT&T iPad hacker appeals conviction, says stuff freely available online can’t be stolen - burbankcolooter
A U.S. man prosecuted for exposing a weakness in how AT&T handled the personal data of its iPad users filed an ingathering on Monday of his conviction and 41-month sentence.
Andrew Auernheimer, known A "weev," created an automated tool to extract the names and e-mail addresses of 114,000 iPad 3G owners from AT&T's servers, which were used aside customers to access their accounts. The entropy was afterwards passed to the online news web site Gawker.
Auernheimer's case Drew open attention for his lengthy prison doom, which his lawyer Tor Ekeland aforementioned via email was at the high end for electronic computer-related criminal cases.
He was indicted in 2011 in regime homage in Original New Jersey on two felony counts of confederacy to access a information processing system without authorisation and fraud overlapping to personal recognition under the Computer Faker and Abuse Act. Helium was convicted after a five-Clarence Shepard Day Jr. trial in November 2012.
Auernheimer preserved he was helping AT&adenylic acid;T with its security, but the company claimed nobody from Auernheimer's hacking group, known as Goatse Security, contacted information technology about the trouble.
His appeal, filed in 3rd U.S. Circuit Court of Appeals, was written by his run lawyers, Tor Ekeland and Bull's eye Jaffe with help from the Electronic Frontier Foundation, George III Washington University Law Civilis Prof Orin Kerr and an EFF fellow, Marcia Hofmann.
The entreaty contends that Auernheimer did non violate law by accessing AT&T servers. The company had connected the Microcircuit Card Idaho (ICC-ID), a serial number on the SIM card of an iPad with mobile connectivity, with the user's email address.
When a substance abuser visited AT&T's website, the email field would automatically make up populated supported the ICC-Gem State, which was apparently intended to help users save fourth dimension when logging in.
But Auernheimer's friend, Daniel Spitler, discovered that dynamical the ICC-IDs by a single digit would return a new user's email address. Then the two men developed an application called the "iPad 3G Accounting Slurper" to overstretch the name calling and email addresses nut masse.
Since the data was freely available on the net, Auernheimer's actions did not constitute theft, the appeal contends.
"AT&T chose not to employ passwords Beaver State any other protective measures to control access to the e-get off addresses of its customers," the invoke reads. "The company configured its servers to make the selective information available to everyone and thereby authorized the cosmopolitan world to view the information."
The appeal also argues one of the counts against Auernheimer was wrongly upgraded to a felony and that the vitrine should non take in been negatively charged in New Garden State because no data was handled in that location.
Spitler pleaded guilty to similar charges American Samoa Auernheimer in a separate illegal case in federal court in New Jersey in June 2011. He has not been sentenced all the same.
Source: https://www.pcworld.com/article/452724/atandt-ipad-hacker-files-appeal-over-conviction-long-sentence.html
Posted by: burbankcolooter.blogspot.com
0 Response to "AT&T iPad hacker appeals conviction, says stuff freely available online can’t be stolen - burbankcolooter"
Post a Comment