Skip to main content

Andrew Auernheimer is not Aaron Swartz

Andrew Auernheimer is not Aaron Swartz
Image used with permission by copyright holder

A chorus of tech pundits – myself included – unleashed a collective wail of outrage earlier this week, upon learning that hacker Andrew “Weev” Auernheimer received a 41-month sentence from a U.S. judge in New Jersey. A jury decided in November that pilfering 120,000 iPad user email addresses from a publicly accessible portion of AT&T’s website and leaking the breach to the press violated the contentious Computer Fraud and Abuse Act (CFAA). Auernheimer’s punishment far outweighs his “crime,” we said – further proof that this increasingly infamous anti-hacking law should no longer exist.

That latter point I stand by. What I can no longer support is the beatification of Auernheimer, whose dirty laundry has muddied an important debate about computer crime laws in the U.S.

While it’s not at all clear whether Auernheimer is a “good person,” however you want to define that, he has firmly established his public persona as a force of chaotic badness. Around the time that another “hacker” haunted by a serious CFAA prosecution, Aaron Swartz, was helping develop the valuable Creative Commons licensing, Auerenheimer was busy releasing the Social Security Number and home address of blogger Kathy Sierra. “This was part of a larger trolling campaign against Sierra,” wrote Mattathias Schwartz in a 2008 New York Times Magazine piece about Internet trolls (featuring Weev), “one that culminated in death threats.”

Andrew-Auernheimer
Andrew Auernheimer Image used with permission by copyright holder

Ruthless trolling, blatant antisemitism, compulsive lying – this is the type of baggage Weev carries wherever he travels. If we are serious about successfully navigating the craggy political landscape that stands between us and fair computer crime laws, we must cut Auernheimer loose. This is me pulling out my knife – a move I should have made from the start.

My mistake came on Tuesday in the form of my latest “Digital Self” column, which carries the headline “We all lose with the Web’s last bandits behind bars.” Weev takes top billing, both as the lead image, and in the copy. Like many others, I packed “Auernheimer” foolishly close to “Swartz,” implicitly drawing a false parallel.

My argument – that a recent wave of high-profile cases based on the CFAA has created a volatile environment for journalists and Internet activists – did not explicitly absolve Auernheimer of wrongdoing. Still, the admittedly rant-y piece sparked a heated reader debate about the nature of Auernheimer’s actions. Does he deserve to go to jail? Did he even break the law at all? And should he be painted a hero by the tech punditry?

Auernheimer’s apologists argue that, due to its negligent security, AT&T deserves full blame for this fiasco. If the wireless provider had better protected its network, Auernheimer and his partner, Daniel Spitler, would never have had the ability to scrape email addresses in the first place.

Ryan Tate, who first reported the “iPad hack” for Gawker (thanks to Auernheimer tipping him off), writes in Wired that the “scapegoating of Auernheimer is revolting,” partially because “it lets AT&T off the hook for exposing sensitive information to public view, shifting the blame onto those who reported the slip-up, and discouraging future disclosure.”

What complicates the Auernheimer saga is that all of these arguments are correct. This story has no hero.

The Electronic Frontier Foundation, which is helping in Auernheimer’s appeal, echoes this argument. “Weev is facing more than three years in prison because he pointed out that a company failed to protect its users’ data, even though his actions didn’t harm anyone,” said EFF Senior Staff Attorney Marcia Hofmann, in a statement. “The punishments for computer crimes are seriously off-kilter, and Congress needs to fix them.”

Then there’s Auernheimer himself, who recently told Mashable’s Alex Fitzpatrick that he believes he “did the right thing,” that he “did something of global social good.” He maintains that he was prosecuted solely because he “embarrassed” AT&T. “I went and notified their customers for them,” he said. “And they didn’t appreciate that at all.”

In short, according to the apologists, Auernheimer is going to jail for “grey hat” hacker tactics meant to ultimately protect consumers. 

Auernheimer critics believe his actions clearly fell on the wrong side of the law. Just look at the evidence, they say. He acted with blatant malicious intent – not to protect AT&T iPad users, but to hurt AT&T, and have a good laugh at the company’s expense. The script that scraped the user data (which was actually written by Spitler, not Auernheimer) used “brute force” tactics to uncover data that AT&T never intended to be public, which justifies the prosecution’s assertion that the pair illegally accessed a “protected computer” – a move strictly prohibited under CFAA. As commenter nickwest points out, in response to the suggestion that AT&T is at fault for not properly protecting its data: “If I forget to lock the door to my house, and leave my private documents on my kitchen table, it’s ok for someone to come in, take them, and then put them in the newspaper?”

In short, according to his detractors, Weev deserves every month behind bars he received.

What complicates the Auernheimer saga is that all of these arguments are correct. This story has no hero.

aaron-swartz
Aaron Swartz Image used with permission by copyright holder

AT&T did fail to protect its network. Auernheimer and Spitler did access the iPad user email addresses through brute force tactics, with the intent to cause harm to AT&T – they admit as much in the IRC chat logs cited in the original criminal complaint against them (PDF). And the CFAA is a dangerous law that allows the imposition of severe penalties for relatively harmless crimes, and gives prosecutors egregious powers over almost any Web users they choose to pursue – including legitimate cybersecurity professionals who make us all safer by uncovering network holes. Every inch of this slimy tale stinks.

Those of us who genuinely want to do the right thing – not for the lulz, but for justice – must shed ourselves of Auernheimer’s self-serving, self-destructive escapades. Andrew Auernheimer is not Aaron Swartz, no matter how many times we repeat that he is. Groups like the EFF may find it necessary to help appeal his sentencing, as part of a broader strategy to change the CFAA. But if the rest of us want to win the inherently political battle for better computer crime laws, not one of us should let our righteousness over the intolerable failings of the CFAA seduce us into painting Auernheimer a martyr anymore than we already have.

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
How to change your language in Google Chrome on desktop
Chrome OS

Google Chrome supports a wide range of languages. While it'll default to English in most cases, there's nothing stopping you from changing its settings and displaying pages in Spanish, French, or dozens of other languages.

Changing your default language in Chrome takes only a few seconds, and the technique used is the same across Windows and Mac. Aside from changing your language, note that Chrome now gives you the option to automatically translate pages written in another language – making it easy to read content from around the globe.

Read more
23 of the best Netflix hacks, tips, and tricks
The Netflix home screen.

Netflix is one of the most popular streaming platforms for all things movies and TV shows. Home to an immense library of titles, the Netflix archive is constantly changing and evolving, and so are the many ways you can use your Netflix account. 

For instance, did you know you can access region-locked Netflix shows and flicks by using a VPN? Or that you can disable that pesky Autoplay feature? There are tons of Netflix hacks, tips, and tricks out there, so we’ve gone ahead and rounded up all of our favorites! 
Expand your streaming with a VPN

Read more
How to make a GIF from a YouTube video
woman sitting and using laptop

Sometimes, whether you're chatting with friends or posting on social media, words just aren't enough -- you need a GIF to fully convey your feelings. If there's a moment from a YouTube video that you want to snip into a GIF, the good news is that you don't need complex software to so it. There are now a bunch of ways to make a GIF from a YouTube video right in your browser.

If you want to use desktop software like Photoshop to make a GIF, then you'll need to download the YouTube video first before you can start making a GIF. However, if you don't want to go through that bother then there are several ways you can make a GIF right in your browser, without the need to download anything. That's ideal if you're working with a low-specced laptop or on a phone, as all the processing to make the GIF is done in the cloud rather than on your machine. With these options you can make quick and fun GIFs from YouTube videos in just a few minutes.
Use GIFs.com for great customization
Step 1: Find the YouTube video that you want to turn into a GIF (perhaps a NASA archive?) and copy its URL.

Read more