Internet activist (and Crunchies winner) Andrew Auernheimer’s sentencing trial will take place on March 18, 2013 at 10:30am. Auernheimer aka Weev revealed a security flaw in AT&T’s iPad user database, allowing him to scrape the data from 114,000 iPad users. He later gave the data to a journalist. The FBI investigated and filed a criminal complaint in January 2011. A full recounting of his arrest can be found here. He wrote a detailed description of his hack and subsequent plight in January.
Auernheimer was convicted on conspiracy to access a computer without authorization (18 U.S.C. § 1030(a)(2)(C), part of the Computer Fraud and Abuse Act of 1986) and fraud in connection with personal information (18 U.S.C. § 1028(a)(7)). Both counts carry five-year sentences.
I spoke to Auernheimer a few weeks ago and, although he was scheduled to appear in court for sentencing this week, the case has been pushed back to the 11th. Supporters are collecting funds for his defense and he is still actively tweeting and blogging.
His case, regardless of his outré politics, is an example of a judicial system run aground. It is unable to understand what Auernheimer did – expose a security flaw, much to AT&T’s chagrin – and is giving him a minimum sentence as egregious as those convicted of robbery.
What should happen? AT&T should apologize to us for failing to harden their customer service websites and send a few of their own IT guys to jail for being idiots whose system was “crackable” by a script iterating a URL. To call this a joke ignores the very real tragedy of a young man cut in his prime. We can only laugh at the FBI’s risible arrest, the quick trial staffed by a definitively uninterested jury, and the creeping horror of his potential sentencing.