Slashdot: News for Nerds


Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Stanford Files Weev Amicus with Mozilla, Security and Privacy Experts

Anonymous Coward writes | 1 year,3 days


An anonymous reader writes "Andrew Auernheimer ("weev") was convicted of a federal felony for something many of us do routinely: changing a user-agent and crawling a public website. His case is now on appeal in the Third Circuit. The Stanford Center for Internet and Society has filed an amicus brief, clarifying the technical issues and arguing that the conviction poses a grave risk to research. Signatories include the Mozilla Foundation and a litany of security and privacy luminaries."

cancel ×

1 comment

My response (1)

Ellie K (1804464) | 1 year,3 days | (#44222933)

Good find. I left a comment. I'm not sure if they'll publish it, as it is too lengthy.

It seems rather disingenuous to compare Weev-and-Gawker with any sort of legitimate, responsible behavior. There were so very many failures:
1.Weev could have tried to contact AT&T. I understand the reasons for not doing so. One of them is the legitimate fear of being accused of wrong-doing oneself! I know that can happen. Or one may be ignored entirely. I have seen that too, on many professional and not-so-professional information security researchers' websites. One should try though. Otherwise, what was the point in pen testing, beyond self-serving or malicious intent?
2. Weev did not need to provide Gawker with the entire list of 114,000 user IDs. For all practical purposes, 100 or 10 or 1 would have been sufficient, for Gawker's purposes.
3. Gawker behaved in a grossly irresponsible manner, in accepting the list.

I am sympathetic, and find plausible, the argument that Gawker was equally culpable as Weev. If Weev is prosecuted, deemed guilty and sentenced, the same should apply to Gawker, or whomever made the decision to proceed. It isn't an issue of "Freedom of the Press". Gawker is no Wikileaks. Gawker was crucial in disseminating personal, private information, thus victimizing 114,000 people who had committed no wrong.

I guess that it is easier to argue in favor of Weev, instead of against Gawker. I remain unconvinced that this action. taken by the illustrious group of computer scientists and researchers via the Amicus brief, is the correct way to proceed. Who will file an Amicus brief in defense of any individual who, for example, hacks Google servers, and discloses 114,000 account names and passwords to... I was going to say Al Jazeera or The Jerusalem Post or FARS. But I don't believe that we'd have anything to fear or be concerned about, as Al Jazeera, Jerusalem Post, FARS, any and every decent major or minor media outlet with any professional (or amateur!) code of ethics would not facilitate such a betrayal of trust.

Part of e-discovery, as practiced in the legal profession, includes the tenet that one should only accept and keep the bare minimum necessary of data required to do one's work. Accepting and keeping information creates an obligation and responsibility to do the right thing with it, to safeguard it. In this case, it is the data disclosure that caused damage. The only way to require companies to report breaches is through regulatory law. Is that what the end goal is, in this Amicus? I don't know.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account