Home page logo

dailydave logo Dailydave mailing list archives

Re: Weev's collateral damage.
From: Don Bailey <don.bailey () gmail com>
Date: Wed, 21 Nov 2012 10:23:51 -0800

It's a bit frustrating to have a security professional equate this case to peering in a window. 

As part of my research, I am googling for new SIM technology and the keywords that go along with it often. Results show 
spreadsheets and other files that may be relevant to me, but which clearly contain PII when browsed. This is not a case 
of me hunting for trouble, this is a case of trouble coming to me.

Andrew is a troll. He openly admits this. Andrew automated the retrieval of data from a publicly available website. He 
openly admits this. He did not go peeping in someone's window. 

Presenting such inaccurate allegories exacerbates the problem by further muddying the issue. If professionals don't 
stick to the facts, we risk disorienting the public further when presenting our case to the masses.


On Nov 21, 2012, at 9:20 AM, "J. Oquendo" <joquendo () e-fensive net> wrote:

On Wed, 21 Nov 2012, Dave Aitel wrote:


So I'm no fan of Weev aka Andrew Auernheimer. The man is seriously
disturbed and it's odd to see people support him
<https://twitter.com/maradydd/status/271067146145107968> on Twitter.
Just as an example, here's some bizarre rape porn I'm fairly sure he and
his friends posted about my wife on full disclosure (and to DD before it
was moderated - in fact, Weev is the reason moderation is on this list
at all):
http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043638.html .
Here's a post about him torturing some kid "for the lulz":

I think it's fair to say the likelihood of Weev having done something
that deserves some level of criminal liability is pretty high. That
said, this is not it. Keep in mind the data Weev collected was email
addresses and names. Nothing sensitive in the slightest. Everything they
collected was essentially sent in cleartext over the Internet at some point.

It's obvious to anyone with any technical background that the case the
FBI brought against him is a travesty, and the fact that they won is
even more insane. It's this sort of thing that makes it obvious the DHS
doesn't understand the Internet, and shouldn't be given more control
over it, which is what John McCain has been saying for the last year or
so. Cases like this make everyone look bad - and if they manage to make
it stick, the collateral damage is all of us.


How many individuals here have either 1) Sat on a jury for
a tech case 2) been involved in a tech case that went to
trial? ... *crickets*

The reality behind going to a trial on the federal level is,
no matter what the charges are, the jury's bias is and will
always be: "well the FBI was involved, therefore it must be
serious." Couple this with the fact that a jury of any kind
of peer is and can never be expected. In fact, during the
jury selection, you can expect the prosecution to seek to 
dismiss anyone with any kind of technical background from
the jump.

While I don't care for weev, the whole Goatse trolls, I now
ask you this: "If I decided to keep walking by your house,
looking in the window, then copying whatever information
that was visible, then dumped your information somewhere,
would you feel I did something criminal?" Even though YOU
were the one that left your window open and data exposed,
who the heck am I to walk around copying your information
then pastebin'ing it, sending it to Gawker, etc. Its a dual
edged sword. 

So while you see a portion of his case online, I am sure
there was likely more that came into play that did not help
weev. E.g., boasting on IRC about shorting AT&T's stock.

Tech cases that go to trial are a rarity. Period. You could
likely count all cases that went to trial in the past ten
years on both your hands. Most times prosecutors are happy
to throw out a month or two punishment if one cops out as
opposed to someone blowing trial. I can tell you from my
own experience... One CANNOT win trial against the gov.
I could speak of "FBI Computer Experts" that stated they
did not know what an IP address was and so forth, things
that would make techies breathe a big WTF, but at the end
of the day... Jury of 12 peers who 1) won't understand an
iota of technology no matter how its explained 2) jury of
12 peers who would rather be rolling in broken glass than
sitting in court 3) Skewed and distorted information as
well as evidence that never sees the light of day.

If someone did nothing, they have ABSOLUTELY EVERY RIGHT
to fight their case no matter what kind of deal is being
offered. If someone DID DO SOMETHING, here is some advice:
You will get pounded period. Don't be an idiot and try to
fight any power. Weev and his lawyers can appeal until
their faces turn blue, they will get nowhere. I go back to
the analogy of me looking into your house. Sure you were
pretty dumb for keeping your windows opened which exposed
your data, but just because you did, does not give me the
right to take a sharpie, poster board, write your info
on that posterboard and plaster it all over the "hood"

J. Oquendo

"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett

42B0 5A53 6505 6638 44BB  3943 2BF7 D83F 210A 95AF
Dailydave mailing list
Dailydave () lists immunityinc com
Dailydave mailing list
Dailydave () lists immunityinc com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]