∞ Man accused of iPad data theft released on bail

A man accused of stealing more than 100,000 email addresses of iPad users from AT&T’s servers has been released on bail.

[ad#Google Adsense 300×250 in story]Andrew Auernheimer is charged with one count each of fraud and conspiracy to access a computer without authorization, according to AP. Auernheimer and another man were able to trick AT&T’s server into giving them email addresses of users that signed-up for the company’s 3G service.

Auernheimer is apparently part of Goatse Security and discovered the flaw in AT&T’s server last June. Goatse said it contacted AT&T and waited until the flaw was fixed before going public with the fact they were able to hack the server.

AT&T said they were not aware of the data breach until new reports appeared online.

Goatse maintains that Auernheimer did nothing wrong and was “acting in the public interest by exposing the security flaw.” The man faces five years in jail for each count he’s charged with.

  • When will the court system realize that heavy handed attempts at administering justice makes us less rather than more safe? We need more hackers willing to find vulnerabilities and share them with the public: not cast them into the shadows where they can do real harm..

    • Anonymous

      The hackers need to be in the employ of a reputable business, not some independent dude who may be tempted to sell the info. Not that an employee can’t use their knowledge for nefarious purposes just that oversight of them is easier than someone working out of his home.

      And yes these clowns need to do prison time.

  • Vamsmack

    Goaste Security commenting on anything conjures up far more graphic mental images than this Ace Ventura clip http://www.youtube.com/watch?v=6DrRE1LDY_U

  • Random dudes or reputable businesses aren’t allowed to come waltzing into my home to do me the service of showing me it is not secure. It’s called breaking and entering and is illegal, no matter what the reasoning is behind it. I want the same illegality for people who think it’s okay to break into data to teach a lesson, prove some security issue, or just look around and see. It’s not okay.

    • Dieyouspammer

      Your analogy is false. AT&T had a public web page with a form that had no authentication. Read up on what the EFF had to say about it.