Two Hackers Charged in IPad Security Breach


Uploaded on January 20, 2011 by newsydotcom

Transcript by


You're watching multisource tech news analysis from Newsy

Trolls in Trouble. Two computer hackers find themselves on the wrong side of the law, after breaching AT&T security, and allegedly seeking to sell the email addresses of more than 100,000 elite iPad users.

“Hackers broke into a wireless network, they exposed the email addresses of more than 100,000 iPad users. And they were many of the first people to get iPads, so let’s just say the list of names is very A-list.”

Hackers Andrew Auernheimer and Daniel Spitler -- acting under the name “Goatse Security” -- were taken into custody Tuesday by FBI agents and charged with conspiracy to access a computer without authorization. So -- are they crooks? Or cyber-do-gooders?

We’re analyzing coverage from Bloomberg, Goatse, The Register and Forbes.

The charges came down despite Goatse’s attempts to portray itself as a watchdog, intent on informing AT&T and Apple of the security shortfalls. Bloomberg spoke with one of Goatse’s chief operatives.

“When he bought the iPad, in the course of the normal user experience, he noticed that there was an AT&T maintenance app, that knew who he was, without him providing any login credentials. So, he said, uh, how do I do this, and what happens if I implement this number and boom, like he gets all sorts of emails.”

In an open letter penned to the U.S. Department of Justice, one of the accused -- Andrew Auernheimer -- characterizes his work as patriotic -- and AT&T’s failure to secure -- as irresponsible.

“We at Goatse give back, with daily volunteer work... We find this the most healthful and heartiest form of patriotism... AT&T needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers over the rights of shareholders.”

The UK’s The Register quotes former federal prosecutor-turned-cyber security consultant March Rasch as saying, this is a little like a prowler jiggling the doors of cars or homes to see if they’re open. The crime isn’t in that -- it’s in what comes afterward.

“Very frequently, people believe that if they are physically capable of obtaining information off of a webserver that it is the fault of the developer for creating a vulnerability and therefore they are perfectly allowed to exploit that vulnerability and then do anything they want with the information they've obtained. They view it as an unlocked door or even a door that is open.”

On Forbes, The Firewall’s Andy Greenberg says, this idea that these are do-gooders, seems non-sensical. If you really want to be thought of as a good guy, don’t also claim to want to make people fear for their lives -- as these hackers also did.

“The overall message for those probing the dark side of the Internet? Exposing security flaws may make the world a safer place. But act like a nihilistic hacker bent on random digital mayhem, and law enforcement may just treat you like one.”

So who’s to blame here? The hackers? Or the corporations that failed to keep them out?

Ipad, Security Breach, Hackers, Computers, At&T, Security, Ipad Users, Wireless Network, Email Addresses, Goatse Security, Fbi Agents, Apple Security, Department Of Justice, Prosecutor, Internet, Andrew Auernheimer, Daniel Spitler, Multisource, Tech News, News & Events
Comments on Two Hackers Charged in IPad Security Breach