backtop


Print 65 comment(s) - last by atlmann10.. on Jun 21 at 12:52 AM


Andrew Auernheimer's mugshot  (Source: Washington County's Sheriff's Office)
Details have not been released but some are speculating AT&T requested the raid

Andrew Auernheimer, aka "weev" or "Escher Auernheimer", masterminded Goatse Security's harvest of 114,000 iPad users' private email addresses using AT&T's wide open website.  Now Auernheimer is in prison facing felony possession charges.

Auernheimer, 24, was arrested in his home late Tuesday when police raided it.  At this point its unknown whether the raid was triggered by AT&T or was unrelated to the iPad drama.  AT&T sent an apology to customers writing that it was investigating the "malicious" "attack" by "hackers", and has since wrote that it is cooperating with the FBI in the inquiry.

What is clear was that a large amount of controlled substances, including cocaine, LSD and ecstasy, were found in Auernheimer's house.

For now Auernheimer is in jail awaiting multiple criminal possession charges.  He is currently incarcerated at Washington Country Detention Center in Fayetteville, Arkansas.

The arrest has triggered a great deal of anger against AT&T, probably partially because it reminds many of Apple's requested raid on 
Gizmodo journalist Jason Chen's house, after Chen purchased a lost iPhone 4 prototype.  Cult of Mac writes:

That’s one way of putting it. Another way of putting it is that AT&T’s security malfeasance exposed the private user details of over a hundred thousand customers, and are now busy hunting down and vilifying the benign group of security activists who alerted them to the problem before less well-meaning hacker groups could exploit the data.
While Auernheimer’s arrest for drug charges is obviously warranted by the letter of the law, it’s hard to escape the fact that the Feds shouldn’t have even been at his house. Goatse did both the public and AT&T a service by publicizing a dangerous security vulnerability before it could be maliciously exploited. They didn’t publish the exploit until AT&T had closed the hole. They insisted that any published customer records had the personal information removed first.

Indeed if the raid ends up being based on the iPad investigation, it may end up being ruled invalid, considering no charges have been filed in that investigation.  

The Goatse Security researchers point out that they went to no elaborate means to obtain the information.  AT&T's website freely provided email addresses to requests with spoofed iPad headers containing an ICC-ID number.  Spoofing is by no means illegal -- most cell phones do it to change between mobile version of sites and the full version.  And all Goatse Security did was guess numbers.

They state that they felt compelled to leak the information after Apple and AT&T still haven't fixed a gaping Safari hole on the iPad.  They revealed that hole way back in March, and nothing has been done.  The group says that if they did not approach the media with the massive amount of emails they gathered, the company would have done nothing and would continue to endanger its customers.

AT&T is currently facing more problems -- during the iPhone 4 preorder madness yesterday, it apparently exposed private information of customers by misdirecting users logging in to other peoples' accounts.  This time no "hackers" were involved.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Kinda scary
By paydirt on 6/16/2010 10:52:55 AM , Rating: 5
I love AT&T. I love Apple. I love the U.S. Government. I love AT&T. I love Apple. I love the U.S. Government. I love AT&T. I love Apple. I love the U.S. Government. I love AT&T. I love Apple. I love the U.S. Government. I love AT&T. I love Apple. I love the U.S. Government.


RE: Kinda scary
By HakonPCA on 6/16/2010 12:05:07 PM , Rating: 3
the leader is good, the leader is great...


RE: Kinda scary
By HakonPCA on 6/16/2010 12:06:02 PM , Rating: 3
or....

nah-na-nah-na-nah-na-nah-na....batman....I mean....Leader


RE: Kinda scary
By ekv on 6/16/2010 12:06:35 PM , Rating: 4
love? meh. I'm from the Gov't and I'd prefer cash. You can wire soft money to the following account ...


RE: Kinda scary
By Samus on 6/16/2010 3:44:52 PM , Rating: 5
That guys resembles more of a pothead than a coke head. The only drug of any of those that fits a "hacker profile" is LSD. The speed effect hackers seek comes in the form of energy drinks and coffee. This guy probably makes 50k a year and from the looks of it, it'd be doubtful he could afford this expensive cocktail of drugs, especially some of which metabolically conflict. Extacy is a SSRI, cocain is an MAOI, LSD we don't really know how it works, but causes brain damage in rats when taken with SSRI's.

This guy would have nervous system and possibly brain damage if he did these drugs within short periods of each other.

Leading me to believe they were planted.


RE: Kinda scary
By Shin Messiah on 6/17/2010 12:14:29 AM , Rating: 2
Well I might not speak for a lot of people, but years ago (about 5) when i was going through that phase of my life, I often mixed XTC and LSD on a fairly regular basis. Its called "candy flipping", shrooms and LSD would be "flower fliping". And yes the combined effect was the strongest I ever experienced, with out doing coke or heroin or meth outright, which I have never done. Another thing, its been known for years that various chefs cooking different batches of XTC are cut/combined with different chemicals or compounds to create experiences (or highs) that differentiate them from their competitors. Often times its cut with coke or speed or both. Sometimes heroin but not too much anymore because of the cost. I myself have tried many of these different batches before, for a period of about 4-5 years. That being said, after 4 years and change being clean, yeah i got some screws loose, but all my nuts and bolts are definitely intact. I serious doubt I have brain damage. I will also debate that LSD fits a hacker profile. If you have ever done any sort of LSD or serious hallucinogen you will quickly realize that, its almost possible to sit still for a minute or concentrate on one thing, let alone seriously trying to evade security measures (i.e. heavy problem solving skills), typing (motor skills), while simultaneously not leaving any tracks or believing that your monitor and keyboard are trying to eat you and the mouse is running up your back. So, to me LSD does not fit and coke might actually fit better. But I do agree on your first point, at worst this guy looks nothing more that an a pothead, but I digress.

And while its quite possible that the drugs were planted, as nothing really surprises in this day and age, I would like provide a different angle as to the drugs might have been there. "Security Expert" hackers or whatever an make a lot of money or little money depended what you are involved with. Its quite possible that he was investing the money "earned" into these narcotics and to turn around and making a killing on profit from the sale of them. He doesn't look like the street vendor type, but depending on the quantity of stuff that was supposedly recovered, he may have just been a distributor. Makes perfect sense if you think about it. The drugs sell themselves basically, just acquire them and the minions move it for him, while allowing him to sit in front of them screen and do what he does best. The truth may be weirder still, but given my experience in these areas, it seems like the most viable scenario. Once again just my opinion.


RE: Kinda scary
By atlmann10 on 6/21/2010 12:52:20 AM , Rating: 2
He is most likely also a chemist, while the speed type of drugs (Cocaine) found were to keep him awake! While the cut's you list are totally wrong, crystal and heroin are used often coke will not mix because of it's makeup, no matter what you were told by your dealer, or friend who claimed he knew everything.

I know a good bit about it because I used to run a promotion company and organized DJ's and venues for the parties (Raves) when they first started in the US. While I never had anything to do with the manufacture of drug's I had to know what everything did when we would have incidents at my event's (OD's) it happens pretty often when you have a few thousand people together for such a night.

Most of the information I have (While I will not say I never tried any of it), is from Medical personnel especially EMT's. Cocaine and X especially can directly kill you when or if combined. Of course most drugs can also have that effect singularly. The combination is especially dangerous of those to. As far a LSD and X back in the day was know as Trolling, Mushrooms and X were candy flipping. Of course My rave days start in the late 80's and ran largely through the 90's-2002. Where yours sound like they start in the 2000's.


RE: Kinda scary
By chiadog on 6/17/2010 12:52:08 PM , Rating: 2
Where do we line up for our Koolaid? ;o


"We can't expect users to use common sense. That would eliminate the need for all sorts of legislation, committees, oversight and lawyers." -- Christopher Jennings














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki