Goatse Security

Gaping Holes Exposed

FBI arrests Goatsec members on conspiracy, fraud charges



Today, Jan. 18th, Andrew Auernheimer and Daniel Spitler were brought
into custody on the basis of a federal criminal complaint of a highly
dubious and unsettling nature. The complaint alleges that the two were
responsible for gross crimes of conspiracy to hack computers and
fraud. Let's examine the government's case.

The gist of what supposedly transpired is this: in the summer of 2010,
Spitler created a PHP script to harvest email addresses of people who
purchased a 3G iPad. This was accomplished very simply, because AT&T
had set up a web service that would match a given ICC-ID (SIM card
serial number) to an email address. This was to make the sign-up
process for people who just purchased their new iPads easier, since it
would pre-fill their email address in the registration form. Due to
sloppiness on the part of AT&T web engineers, there was no rate
limiting, user agent checking or any other mechanism to prevent
someone from simply taking a random ICC-ID and adding one to it, over
and over (the FBI calls this "hacking"). Since AT&T's ICC-IDs were
more or less sequential, assembling a list of email addresses was
quite straightforward.
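Seen from the defending side, the gap described above (no rate limiting on a lookup keyed by near-sequential identifiers) leaves a recognisable trace in request logs: one client asking for many adjacent ICC-IDs in a short time. The following Python is an added example, not code from this post or from AT&T; the log format, the `/lookup` path, the thresholds and every sample value are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log format and endpoint path (assumptions, not AT&T's real ones):
#   <ISO timestamp> <client IP> GET /lookup?iccid=<digits> <status>
LINE = re.compile(r"^(\S+) (\S+) GET /lookup\?iccid=(\d+) (\d{3})$")

def parse(lines):
    """Yield (time, client, iccid) for each well-formed line; skip the rest."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
            yield ts, m.group(2), int(m.group(3))

def find_enumerators(lines, window=timedelta(minutes=1), min_ids=5,
                     max_step=10, min_ratio=0.8):
    """Return {client: distinct_id_count} for clients that, inside one window,
    look up at least min_ids distinct ICC-IDs whose sorted gaps are mostly small."""
    by_client = defaultdict(list)
    for ts, client, iccid in parse(lines):
        by_client[client].append((ts, iccid))
    flagged = {}
    for client, events in by_client.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            ids = sorted({i for _, i in events[start:end + 1]})
            if len(ids) < min_ids:
                continue
            gaps = [b - a for a, b in zip(ids, ids[1:])]
            small = sum(1 for g in gaps if g <= max_step)
            if small / len(gaps) >= min_ratio:
                flagged[client] = max(flagged.get(client, 0), len(ids))
    return flagged

# Constructed sample: one client walking adjacent IDs, one ordinary sign-up.
SAMPLE = [f"2010-06-05T12:00:{s:02d}Z 198.51.100.7 GET /lookup?iccid={8901410000000000100 + s} 200"
          for s in range(8)]
SAMPLE += ["2010-06-05T12:00:03Z 203.0.113.9 GET /lookup?iccid=8901410000000045671 200",
           "2010-06-05T12:00:40Z 203.0.113.9 GET /lookup?iccid=8901410000000045671 200",
           "malformed line"]

if __name__ == "__main__":
    print(find_enumerators(SAMPLE))
```

The same per-client counters can drive a server-side rate limit, so the lookup refuses to answer once a client passes the threshold instead of only being flagged afterwards.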

The only information that could have been gleaned from this process
was ICC-IDs (which are totally useless) linked to email addresses
(which are not private information). That's all. The only reason we
are even hearing about this is because Andrew is a clever fellow who
likes to make very embellished and sensational claims as a form of
ironic humor, and he was able to convince some people in the media to
make a big deal about the whole situation. This made AT&T look bad,
and their customers concerned, both of which outcomes are to be
expected.

Apparently, it seems making AT&T lose face is a heinous offense,
justifying seven months of investigation by the FBI and many, many
grand jury sessions at great taxpayer expense. Several people were
raided by federal and state agents to search for evidence relating to
the email harvesting. The FBI engaged in standard harassment practices
and blanket subpoenas to pursue their case, refused to allow
Auernheimer to see his warrant (claiming "national security" concerns)
and intimidated his girlfriend and potential employers. There is
certainly a history of AT&T doing favors for the FBI (warrant-less
wiretapping for example). I am not saying there is evidence of a grand
conspiracy here, but it looks an awful lot as though AT&T was mad and
got their FBI pals to make the lives of Auernheimer and Spitler
unpleasant.

The criminal complaint charges the two with illegally accessing AT&T's
computers, which are classified as "protected computers" under USC
title 18, 1030(e)(2). This law, written in 1986, defines a "protected
computer" (implying greater penalties) as one that is accessible
across state lines, which would now include any machine hooked up to
the internet. The servers are described as having been "fooled into
believing that they were communicating with an actual iPad 3G and
wrongly granted the Account Slurper access to AT&T's servers". No
access was granted or requested, no machines were "fooled" (whatever
that means), and the machines were already accessible to anyone with
an internet connection because they were web servers. They say this
was accomplished without authorization from AT&T, even though that
point means nothing since all "legitimate" users were not granted
explicit authorization either.

In fact, when you examine the facts presented in the criminal
complaint, it's amazing that the DOJ would even waste their time with
a case with a flimsy house of cards presented as evidence.

The complaint cites news articles quoting Andrew's fantastical
hyperbole about the security group's actions. There are
well-documented cases of the media believing all sorts of ridiculous
computer security tripe and publishing it without fully comprehending
what they are writing about. If the FBI is going off of such stories
and respected news outlets such as a blog devoted to publishing gossip
on Silicon Valley, one really wonders how informed they are. I imagine
they know what they are doing, but include it anyway because it makes
their case look stronger to the poor judge whose time is being
wasted. Also cited is Andrew's LiveJournal, to which I must say "LOL"
("LOL" and its variants stand for laughing out loud, notes the
complaint in one of many hilarious footnotes).

They go on to bring up past interviews in which Andrew, undoubtedly
under the influence of powerful narcotics at the time, makes up absurd
shit to see how much the clueless reporter will print. Anyone who is
at all familiar with Andrew or similar persons can immediately
recognize the quotes as ironic bullshitting, but the media and FBI are
hopelessly out of the loop when it comes to such things and actually
take his statements at face value. His past statements such as "I want
everyone off the internet" are apparently used to imply his guilt in
the present.

The Goatsec website is mentioned as describing Auernheimer, among
other things, as writing "Ruby while living in SF SoMa", which is a
dig at Spitler's homosexuality, a topic that came up during the grand
jury trial. It is couched in so many layers of in-jokes as to be
impenetrable to most people, which is true of almost all the
statements quoted in the complaint.

IRC LOGS:

The only actual "evidence" presented of wrongdoing in the entire
complaint is "150 pages" of IRC logs provided by a confidential
source. Perhaps they are relying on the fact that the jury will
consist of people who have no idea what IRC is or why one should not
treat what is basically a text file from an anonymous source on the
internet as the basis for locking someone up for 10 years.

Unbelievably, the FBI actually subpoenaed Goatsec member "Rucas the
Earthworm" to appear before a grand jury in New Jersey to defend
himself for advising people to throw their computers in the river,
accusing him of advising people to destroy evidence.

The rest of the complaint is filled with hearsay and non-facts with a
number of downright fabrications. In one footnote, the agent preparing
the report notes that "the phrase 'D8' means to be deeply involved in
an activity or to perform an activity to the fullest extent possible."
Since "D8" is just a frowny face on its side, one can only conclude
that this and other facts are being made up wholesale.

The criminal charges being levied against Spitler and Auernheimer are
disconcerting for a number of reasons; most notably the concept of
charging someone with conspiracy on the basis of IRC logs. As
explained earlier, IRC logs are hardly difficult to make up, alter or
attribute to other persons. To say nothing of the very idea of
conspiracy as a crime itself. The fact that the conspiracy charge is
thrown in usually indicates that the prosecution doesn't actually have
any hard evidence of a real crime being committed, so they resort to
trying to pin thought-crime charges on their victims instead. It is
not my intention to be alarmist, but all citizens of any country
should be greatly concerned when corporations are able to get law
enforcement to arbitrarily enforce overly broad laws to silence and
punish anyone they deem an annoyance.

Thanks for reading,
Jason Gates

 

 

5 Responses

  • [...] This post was mentioned on Twitter by Jeffrey Paul. Jeffrey Paul said: please RT! “@Gary_Niger: http://security.goatse.fr/fbi-arrests-goatsec-members FBI arrests Goatsec members on conspiracy, fraud charges” [...]

  • [...] were not sure whether their actions were punishable, but ultimately went ahead with them anyway. In a response, Jason Gates of Goatse Security says that he finds it worrying that an easily [...]

  • [...] discuss the hack. These logs suggest that they were not sure whether their actions were criminal. Jason Gates from Goat Security said to be worried about the fact that text files can be easily manipulated. He [...]

  • The internet is without a doubt growing into the most important medium of communication across the globe and it's due to sites like this that ideas are spreading so quickly.

  • Yours is one of the small handful of pages that runs well on my new iPad. Bravo :)
