Pixel Envy

Written by Nick Heer.

Appeals Court Reverses Hacker/Troll “weev” Conviction and Sentence

There are a couple of reasons I’m linking to this article from Ars Technica’s David Kravets. The first reason is that the headline contains the phrase “hacker/troll”, which is both very apt for weev, and would be pretty great on his business card.

The second reason is far more important: weev was charged and convicted under the Computer Fraud and Abuse Act, despite him not having hacked anything, really:

His attorneys argued all along that in order for the CFAA to have applied in this case, there needed to be some sort of “password-gate” or other way of keeping someone out of the AT&T website, which was not present here. They maintained that Auernheimer did not hack into servers or steal passwords. Rather, a major network security flaw at AT&T was discovered and exploited.

Basically, AT&T was stupid enough to verify authorization based on the validity of a URL. All weev did was play around with the URL, thereby exposing information that is implicitly public, but should be private. In other words, weev was convicted for an AT&T problem. The reversal of these obviously overzealous charges is very good news.