Jeremy Kirk reports that attorneys for security researcher Andrew Auernheimer (“weev”) have filed an appeal over his conviction and sentencing:
Andrew Auernheimer, known as “weev,” created an automated tool to extract the names and email addresses of 114,000 iPad 3G owners from AT&T’s servers, which were used by customers to access their accounts. The information was later passed to the online news site Gawker.
Auernheimer’s case drew wide attention for his lengthy prison sentence, which his attorney Tor Ekeland said via email was at the high end for computer-related criminal cases.
He was indicted in 2011 in federal court in New Jersey on two felony counts of conspiracy to access a computer without authorization and fraud related to personal identification under the Computer Fraud and Abuse Act. He was convicted after a five-day trial in November 2012.
Auernheimer maintained he was helping AT&T with its security, but the company claimed nobody from Auernheimer’s hacking group, known as Goatse Security, contacted it about the problem.
Read more on Computerworld.
In a press release, EFF writes:
“The government set out to make an example of Auernheimer,” EFF Staff Attorney Hanni Fakhoury said. “But the only message this sends to the security-research community is that if you discover a vulnerability, you could go to jail for sounding the alarm.”
Read the full press release here. The opening brief for the appeal can be found on on EFF’s site.