We had no immediate use for the silicon fabrication plant where memories were made and had to shut it down - Andy Grove - Only the Paranoid Survive
|
|
|
Hackers face five years for mocking Ipad insecurity
TWO BLOKES who made a mockery of Apple's faith-based Ipad security are getting the book thrown at them in a US court.
Daniel Spitler and Andrew Auernheimer took just five days to nick the data of 120,000 Ipad users and pass it on to the Gawker website. They shared the code they used to do it with their mates.
The code mimicked an Ipad so that AT&T's servers were fooled into believing that they were communicating with an Apple fanboi who would never dream of turning over its servers because these were blessed by Steve Jobs.
The pair, who are members of the hacker group Goatse Security, used an account slurper to conduct a brute force attack on AT&T's servers. Where they went wrong was telling people they did it.
AT&T has since shut off the feature that allowed the hackers to make it look so dumb.
Currently prosecutors are casting the two as hackers who were breaking into computers for a laugh and then bragging about it to their mates.
Prosecutors said that Goatse Security, was a group of "self-professed Internet 'trolls'" who try to disrupt online content and services.
According to Reuters, the defendants were each charged with one count of fraud and one count of conspiracy to access a computer without authorization. Each charge carries a maximum punishment of five years in prison plus a $250,000 fine.
Given that they made no money on the hack and alerted the media that it was a doddle to do, the pair seem to be getting the book thrown at them for showing up AT&T and Apple.
Rather than hiding, according to Wired, Auernheimer wrote an email to the US attorney's office in New Jersey to expose the Ipad security vulnerability.
He told the prosecutor's office, "AT&T needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers, over the rights of shareholders."
"I advise you to discuss this matter with your family, your friends, victims of crimes you have prosecuted, and your teachers for they are the people who would have been harmed had AT&T been allowed to silently bury their negligent endangerment of United States infrastructure," he wrote.
While the US apparently has a policy of arresting, or trying to arrest whistleblowers, we guess they were doomed from the start.
Sadly any attempt by Auernheimer to cast himself as the defender of the usesr was scuppered by an interview he gave the New York Times where he said, "I hack, I ruin, I make piles of money. I make people afraid for their lives. Trolling is basically internet eugenics. I want everyone off the internet." µ
Share this:
Share
Looks like he's going to succeed in taking himself off the Internet for a while.
The hackers accessed an open-to-the-world, undisclosed, e-mail harvesting function, JUST LIKE FECESBOOK'S NUMEROUS ADVERTISERS DO to their saps.
Yes, there was some geek bragging and awkwardness, but THEY NOTIFIED MULTIPLE PARTIES AND DID NOT EXPLOIT THE INFO FOR PROFIT, so, incompetent AT&T SUFFERED NO DAMAGES.
Indeed, it is AT&T who should be FORCED TO PAY THEM A WHISTLEBLOWER'S FEE.
hahahaha Goatse
Well if S.Jobs is to punish them he will definitely seat his big brother power. If that is what Jobs wanted from the beginning. Being big brother himself (according to his well known bold behavior) Otherwise, those 2 IT monkeys cracked into an obvious hole in the fence and they get fried... Poor monkeys...
Sure they screwed up and didn't handle their discovery properly, but they have managed to get the word "Goatse" into mainstream press all across the world, and you gotta give em credit for that!
TruthfulArse's comment is correct, and he made a point that I think might get lost in the rest of his diatribe against these racist trolls.
If they had reported it to AT&T first before going to Gawker, they would have won the moral victory. That's "responsible" disclosure that is rarely punished. The 0-dayness of the report raises their notoriety though and was simply too irresistible.
To me that's the number one most important issue. They didn't take that one step. Any one of them could have done that and saved the rest of them.
But they're all essentially drug-addled morons, ignorant about how reality works while they seek fame and fortune (ha! weev's broke despite his claims to the NY Times that went unchecked) from a small microcosm of the seedy underbelly of the Internet.
I'll give them credit for one thing. They've exposed the terrible state of the traditional media at reporting facts despite there being a plethora of logs and a long history of published material from GNAA showing Goatse Security is an utterly incompetent, juvenile farce.
they deserve awards for there hard work. someone has to crack the world and see if it stands up against the best of the best.oh and hackers arent criminals deserved of severe punishment if no monetary value can be accessed.
This was insecurity of an AT&T web site (which I seriously doubt is being hosted on an iPad). The hackers were spoofing IDs using normal PCs to hack data out of the site. The only iPad connection is that it was data about iPad users.
Nothing about the logs of them planning to short ATT stock? Or blackmail others with the info obtained? Or how Goatse Security is just a troll by some white kids who like to call themselves the Gay N!gger Association of America and they used a security breach for PR? Or how they went and downloaded as much user info as possible instead of disclosing the security flaw that enabled it as to be able to use the material for any of a number of scams? Or how these characters spend a majority of their time spreading libel about those they do no like via press releases or attempting to spam IRC chat channels with racist bile? You had a chance to look up the details in the gov's case info, but apparently passed it by.
http://www.wired.com/images_blogs/threatlevel/2011/01/Spitler-Daniel-et-al.-Complaint.pdf
Stop being such a worthless tool of a 'journalist' and investigate the folks you are bashing your keyboard to write articles about. Perhaps then you could gain some real traffic instead of writing shallow articles in order to take advantage of trending topics.
The Inquirer missed a move here - by not running a pic of Andrew Auernheimer to accompany the article! He looks just like you'd imagine - the typical Lunix fatbeard :)
I hope these clowns get the maximum sentence but some bleeding hearts will probably give them a slap on the wrists. The only good hacker is dead... or in prison for at least 20 years.