Two hackers who made a mockery of AT&T and Apple's iPad security are getting the book thrown at them in a US court.
Daniel Spitler and Andrew Auernheimer took just five days to nick the data of 120,000 iPad users and pass it on to the Gawker website. They shared the code they used to do it with their mates.
The code mimicked an iPad so that AT&T's servers were fooled into believing that they were communicating with an Apple customer who would never dream of turning over its servers because these were blessed by Steve Jobs.
The pair, who are members of the hacker group Goatse Security, used an account slurper to conduct a brute force attack on AT&T's servers. Where they went wrong was telling people they did it.
AT&T has since shut off the feature that allowed the hackers to infiltrate it.
Currently prosecutors are casting the two as hackers who were breaking into computers for a laugh and then bragging about it to their mates.
Prosecutors said that Goatse Security, was a group of "self-professed Internet 'trolls'" who try to disrupt online content and services.
According to Reuters, the defendants were each charged with one count of fraud and one count of conspiracy to access a computer without authorization. Each charge carries a maximum punishment of five years in prison plus a $250,000 fine.
Given that they made no money on the hack and alerted the media that it was so simple to do, the pair seem to be getting the book thrown at them for showing up AT&T and Apple.
Rather than hiding, according to Wired, Auernheimer wrote an email to the US attorney's office in New Jersey to expose the iPad security vulnerability.
He told the prosecutor's office, "AT&T needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers, over the rights of shareholders."
"I advise you to discuss this matter with your family, your friends, victims of crimes you have prosecuted, and your teachers for they are the people who would have been harmed had AT&T been allowed to silently bury their negligent endangerment of United States infrastructure," he wrote.
While the US apparently has a policy of arresting, or trying to arrest whistle blowers, we guess they were doomed from the start.
Sadly any attempt by Auernheimer to cast himself as the defender of the user was foiled by an interview he gave the New York Times where he said, "I hack, I ruin, I make piles of money. I make people afraid for their lives. Trolling is basically internet eugenics. I want everyone off the internet."
Read more: http://www.theinquirer.net/inquirer/news/1937953/hackers-mocking-ipad-insecurity#ixzz1BTifVShx