Convicted hacker Andrew "Weev" Auernheimer was sentenced Monday to 41 months in prison for collecting thousands of email addresses from AT&T's servers and disclosing them to a reporter.
Auernheimer was also ordered to serve an additional three years of probation and pay more than $73,000 in restitution to AT&T, according to Rebecca Carmichael, a spokeswoman for the U.S. Attorney's office in Newark.
Auernheimer, 27, known online by the nickname "Weev," found a security flaw in an AT&T server three years ago that allowed his security group, Goatse Security, to collect 114,000 email addresses belonging to iPad 3G users. Auernheimer turned over that information to the gossip site Gawker, which posted some partially redacted addresses, prompting an FBI investigation.
During a trial last year, federal prosecutors painted Auernheimer as a publicity-hungry hacker who violated the privacy of thousands of iPad owners by disclosing their email addresses to a journalist.
A jury found him guilty of identity theft and conspiracy to gain unauthorized access to computers. He had faced up to 10 years in prison.
In a pre-sentencing memo, Auernheimer's attorneys argued he should only receive six months probation because AT&T's security was so lax that it required no "special skill" to collect customers' email addresses. They also included comments from one AT&T investigator who said Auernheimer "circumvented no security."
Auernheimer's sentence comes as the government has taken a hard line on hackers. Last week, federal prosecutors charged Reuters social media editor Matthew Keys with helping the hacker group Anonymous attack the website of his former employer. If convicted, Keys faces up to 25 years in prison.
In January, Internet activist Aaron Swartz committed suicide while facing trial for allegedly stealing millions of scholarly journal articles from the digital archive JSTOR using MIT's network. Swartz faced a potential sentence of more than 30 years in prison.
Auernheimer, Keys and Swartz were charged under the Computer Fraud and Abuse Act. Many have criticized the law for being overly broad and imposing harsh sentences on what some consider relatively minor computer-related crimes.
A website created to raise money for Auernheimer's legal defense described him as "the world's most notorious Internet troll" who "never takes anything seriously and generally treats life as a piece of performance art."
In a December interview with The Huffington Post, Auernheimer said he wasn't afraid of prison and planned to keep a blog during his incarceration.
He added that his conviction brought more attention to his message -- that corporations are evil and deserve criticism -- than any prank he could have pulled online.
"They’ve done my message a huge favor," he said. "What I'm trying to say has been greatly been helped by the fact that the federal government is shoving me in a prison cell."
Update (5:45):After the hearing, Auernheimer was taken into custody at his own request, according to his attorney, Tor Ekeland.
"He figured if he was going to be sentenced he might as well start it right away," Ekeland told The Huffington Post.
Ekeland said he plans to file an appeal Tuesday with the Third Circuit Court of Appeals. The Electronic Frontier Foundation said Monday it would join Auernheimer's legal team to litigate his appeal, "arguing that fundamental
problems with computer crime law result in unfair prison sentences like the one in this case."
Earlier on HuffPost:
The Japanese government counter-terrorism practice of <a href="http://www.reuters.com/article/2007/11/20/us-japan-fingerprinting-idUST23858020071120" target="_hplink">fingerprinting foreigners who enter the country</a> may have inspired Doctor Tsutomu Matsumoto to invent "fingerprinting gels", a way of <a href="http://cryptome.org/gummy.htm" target="_hplink">faking fingerprints for scanners</a>. <a href="http://www.dansdata.com/uareu.htm" target="_hplink">Learn how</a> to make your own here.
White Noise Generator
Worried someone around you is <a href="http://articles.businessinsider.com/2011-07-28/strategy/29998051_1_bank-employee-consent-conversation" target="_hplink">secretly recording everything you do?</a> No fear! There's a relatively low-tech way to defeat such snoops, via white-noise-producing <a href="http://www.amazon.com/Productive-Home-Security-Prducts-Jammer/dp/B002PJ7PYS" target="_hplink">audio jammers</a>. These tiny devices use good ol' white noise to blur the sound picked up by hidden microphones and other surreptitious recording devices.
<a href="http://www.technologyreview.com/view/421768/silence-smart-phones-at-thanksgiving-dinner-with/" target="_hplink">MIT's Technology Review</a> calls it the newest, hottest Thanksgiving accessory -- but you can use phone-size "<a href="http://en.wikipedia.org/wiki/Faraday_cage" target="_hplink">Faraday cages</a>" like this (sold by <a href="http://www.uncommongoods.com/product/phonekerchief?9gtype=search&9gkw=phone kerchief&9gad=6315569457&gclid=CKWq9s2krLICFcRM4AodwDoAAw" target="_hplink">uncommongoods</a>) to block your cellphone's call signal, WiFi and GPS. Handy now that<a href=" http://arstechnica.com/tech-policy/2012/08/federal-court-rules-cops-can-warantlessly-track-suspects-via-cellphone/" target="_hplink"> federal courts are ruling that cops can track suspects via cellphone sans warrant</a>, and <a href="http://www.zdnet.com/apple-patent-could-remotely-disable-protesters-phone-cameras-7000003640/" target="_hplink">Apple can remotely disable your phone camera with a click</a>. As security researcher <a href="http://nplusonemag.com/leave-your-cellphone-at-home" target="_hplink">Jacob Appelbaum said in an interview with N+1 back in April</a>, "Cell phones are tracking devices that make phone calls." So shouldn't you be prepared for when you <em>don't</em> want to be tracked?
Hidden cameras got you down? Blind them all with a simple baseball cap lined with infrared LEDs. <a href="http://creator.wonderhowto.com/amiehold/" target="_hplink">Amie, a hacker on WonderHowTo</a>, shows the world <a href="http://mods-n-hacks.wonderhowto.com/how-to/make-infrared-mask-hide-your-face-from-cameras-201280/#" target="_hplink">how to make one</a>, while <a href="http://translate.google.com/translate?u=http%3A%2F%2Fwww.oberwelt.de%2Fprojects%2F2008%2FFilo%2520art.htm&langpair=de%7Cen&hl=en&ie=UTF8" target="_hplink">this German art exhibition</a> lays out how these ingenious devices work.
These receivers reveal the telltale electronic crackle of hidden mics and cameras. Strangely enough, they were around long before "surveillance culture" became a <a href="http://digitalcommons.law.yale.edu/ylsspps_papers/64/" target="_hplink">common phrase</a>. Today they're sold in all sorts of <a href="http://www.gadget-playground.com/bug-detection.html" target="_hplink">shops for surveillance paranoids</a>.
Sometimes hiding your face isn't enough; sometimes you don't want to be seen at all. For those days, there's camera maps. The <a href="http://www.mediaeater.com/cameras/locations.html " target="_hplink">NYC Surveillance Camera Project</a> is currently working to document the location of and working status of every security camera in New York City. This project has been replicated by others in <a href="http://www.notbored.org/boston.html" target="_hplink">Boston</a>, <a href="http://www.notbored.org/chicago-SCP.html" target="_hplink">Chicago</a> and <a href="http://www.bloomingtonsecuritycameras.com/map.html" target="_hplink">Bloomington</a>, Indiana. <a href="http://www.notbored.org" target="_hplink">Notbored.org</a> has even published a guide to making your own surveillance camera maps (<a href="http://www.notbored.org/map-making.html " target="_hplink">here</a>).
Credit to artist <a href="http://ahprojects.com/" target="_hplink">Adam Harvey</a> for this one. Inspired by the <a href="http://www.bobolinkbooks.com/Camoupedia/DazzleCamouflage.html" target="_hplink">"dazzle camouflage" </a>used on submarines and warships during World War I, he designed a series of face paint principles meant to fool the facial recognition schemas of security cameras. Check out <a href="http://dismagazine.com/dystopia/evolved-lifestyles/8115/anti-surveillance-how-to-hide-from-machines/ " target="_hplink">The Perilous Glamour of Life Under Surveillance</a> for some tips on designing your own camera-fooling face paint.
Walmart may be the premier symbol of corporate America, but its disposable cellphone selection can help you start a thoroughly maverick lifestyle. <a href="http://www.walmart.com/ip/TracFone-Samsung-S125G-Prepaid-Cell-Phone-Bundle/20933059" target="_hplink">$10 TracFones</a> work on most major networks, including <a href="http://www.prepaidphonenews.com/2011/12/how-to-get-tracfone-net10-or-straight.html" target="_hplink">AT&T, T-Mobile, Sprint and Verizon</a>, and come with minutes prepaid so you can dispose of the devices when you're done.
Radio-Frequency Identification (RFID) chips are now <a href="http://electronics.howstuffworks.com/gadgets/high-tech-gadgets/rfid.htm" target="_hplink">regularly implanted</a> in passports, ID cards, credit cards and travel papers. These tiny chips make machine-reading your documents easier -- but could also let anyone with the right type of scanner <a href="http://articles.cnn.com/2006-07-10/tech/rfid_1_rfid-industry-rfid-journal-rfid-chips?_s=PM:TECH " target="_hplink">scrape your information <em>and</em> track your whereabouts</a>. Luckily, gadget geeks have come to the rescue again, this time with<a href="http://www.thinkgeek.com/product/8cdd/" target="_hplink"> RFID-blocking wallets</a>. Working on the same principle as the "phonekerchief", these wallets create a Faraday cage around your items, keeping their data secure until you take them out to be scanned where they're supposed to be scanned. Destroying the chip is simpler: <a href="http://www.instructables.com/id/How-to-blockkill-RFID-chips/" target="_hplink">just nuke it in the microwave for five seconds</a>. Of course, whatever you're microwaving might <a href="http://www.youtube.com/watch?v=4_5UYcyO3Pg" target="_hplink">burst into flames</a> first...