Andrew Alan Escher Auernheimer (// AW-rən-hy-mər; born September 1, 1985), also known by his pseudonym weev, is an American grey hat hacker and self-described Internet troll. He has identified himself using a variety of aliases to the media, although most sources correctly provide his first name as Andrew.
Auernheimer claimed responsibility for the disruption to Amazon's services in April 2009 when many books on gay issues were reclassified as pornography. Amazon claimed that Auernheimer was not responsible for the incident. Even before the Amazon incident, several media publications profiled Auernheimer regarding his hacking and trolling activities, notably The New York Times, in which he claimed to be a member of a hacker group called “the organization,” making $10 million annually. He also claimed to be the owner of a Rolls-Royce Phantom. After the Times story on Auernheimer was published, reporters sought out Auernheimer for commentary on hacking-related stories. Gawker published a story on the Sarah Palin email hacking incident and prominently featured Auernheimer's comments in the title of the story.
AT&T data breach
Auernheimer is a member of the group of computer experts known as "Goatse Security" that exposed a flaw in AT&T security which allowed the e-mail addresses of iPad users to be revealed. Contrary to what it first claimed, the group revealed the security flaw to Gawker Media before AT&T had been notified, and also exposed the data of 114,000 iPad users, including those of celebrities, the government and the military. The actions of this group re-provoked the debate on the disclosure of security flaws. Auernheimer maintains that Goatse Security used common industry standard practices and has said that "we tried to be the good guys". Jennifer Granick of the Electronic Frontier Foundation has also defended the tactics used by Goatse Security.
Shortly after the investigation was opened, Auernheimer's house was raided by the FBI and local police. The FBI search was related to its investigation of the AT&T security breach, but Auernheimer was subsequently detained on state drug charges. Police allege that, during their execution of the search warrant related to the AT&T breach, they found cocaine, ecstasy, LSD, and schedule 2 and 3 pharmaceuticals. He was released on a $3,160 bail pending state trial. After his release on bail, he broke a gag order to protest what he maintained were violations of his civil rights. In particular, he disputed the legality of the search of his house and denial of access to a public defender. He also asked for donations via PayPal, to defray legal costs.
In January 2011, all drug-related charges were dropped immediately following Auernheimer's arrest by federal authorities. The U.S. Justice Department announced that he will be charged with one count of conspiracy to access a computer without authorization and one count of fraud. Although his co-defendant, Daniel Spitler, was quickly released on bail, Auernheimer was initially denied bail due to his unemployment and lack of a family member to host him before being released on $50,000 bail in late February 2011. Auernheimer was incarcerated in the Federal Transfer Center, Oklahoma City in February 2011. A federal grand jury in Newark, New Jersey, indicted Auernheimer with one count of conspiracy to gain unauthorized access to computers and one count of identity theft in early July 2011. As of September 2011 he was free on bail and raising money for his legal defense fund.
On 20 November 2012, Auernheimer was found guilty of one count of identity fraud and one count of conspiracy to access a computer without authorization. Auernheimer tweeted that he would appeal the ruling. Alex Pilosov, a friend who was also present for the ruling, tweeted that Auernheimer would remain free on bail until sentencing, "which will be at least 90 days out."
On 29 November 2012, Auernheimer authored an article in Wired Magazine entitled "Forget Disclosure - Hackers Should Keep Security Holes to Themselves," advocating the disclosure of any zero-day exploit only to individuals who will "use it in the interests of social justice."
[...]Aaron dealt with his indictment so badly because he thought he was part of a special class of people that this didn’t happen to. I am from a rundown shack in Arkansas. I spent many years thinking people from families like his got better treatment than me. Now I realize the truth: The beast is so monstrous it will devour us all.
On 18 March 2013, after being found guilty of identity fraud and conspiracy to access a computer without authorization, Auernheimer was sentenced to 41 months in federal prison and ordered to pay $73,000 in restitution. Just prior to his sentencing, he posted an AMA on Reddit; comments such as "I hope they give me the maximum, so people will rise up and storm the docks" and "My regret is being nice enough to give AT&T a chance to patch before dropping the dataset to Gawker. I won't nearly be as nice next time" were cited by the prosecution as justification for the sentence.
Political views and critical reception
Auernheimer has published a number of podcasts and keeps a LiveJournal blog in which he offers commentary on racial and cultural issues. His views have proved controversial, causing Philip Elmer-DeWitt to dub him "the ugliest computer hacker". Others have interpreted his work as deliberately offensive humor, with Fox News calling it "offensive and witty detail" and a Forbes author telling readers to "think: Shakespeare's Puck". This interpretation is in dispute, with an Atlantic magazine author calling the Puck reference "oddly generous".
Auernheimer is an advocate for free speech. He defended the satirical wiki Encyclopedia Dramatica in a Ninemsn interview which was cited as "rather brilliant" in an article about Australian Internet censorship published in The Register.
Auernheimer is the former president of the Gay Nigger Association of America, an anti-blogging trolling group who take their name from the 1992 Danish movie Gayniggers from Outer Space. Members of Goatse Security involved with the iPad hack are also members of GNAA. Auernheimer also claimed responsibility for posting a false account of Kathy Sierra's career in 2007, along with her actual address and Social Security number.
Charges of Anti-Semitism
In a 2010 blog post titled "Hypocrites and Pharisees", Auernheimer denied holding anti-Semitic views:
[...] In 2008, I became dissatisfied with the public dialogue on the conflict over Israel. In this debate, the first party says “we must unequivocally support Israel’s genocide of the Palestinian people, crimes against humanity and continued acts of espionage against our nation”. The other party says, “it is complicated.” The first statement is extreme and evil. The second is just plain wrong. I decided to make some videos to balance out the dialogue which consisted largely of support for the absolutely absurd policy of the genocide of Palestinians. So I made some obviously parodic videos consisting of support of the equally absurd policy of genocide of the Jews. Which, besides being an obvious joke, were constitutionally protected speech under Brandenburg v. Ohio.[...]Any attempt to brand me an anti-Semite is idiotic. I have no problem with any person solely because of their Semitic descent. Take a look at my last name, “Auernheimer”.[...]
- Wallworth, Adam (19 January 2011). "Fayetteville man charged in e-mail scam". NWA Online. NWA Media. Retrieved 20 August 2011.
- Voigt, Kurt (21 January 2011). "No bail for 2nd iPad e-mail address theft suspect". MSNBC.com. Associated Press. Retrieved 15 February 2011.
- John Leyden (7 July 2010). "AT&T iPad 'hacker' breaks gag order to rant at cops". The Register.
- Mills, Elinor (10 June 2010). "Hacker defends going public with AT&T's iPad data breach (Q&A)". CNET News.
- Elinor Mills (15 June 2010). "Hacker in AT&T-iPad Security Case Arrested". CBS News.
- Thomas, Owen (13 April 2009). "Why It Makes Sense That a Hacker's Behind Amazon's Big Gay Outrage". Gawker.com (Gawker Media). Retrieved 5 February 2010.
- Fowler, Geoffrey A. (14 April 2009). "Did "Weev" Play a Role in Amazon "Error?"". WSJ Blogs (The Wall Street Journal). Retrieved 5 February 2010.
- Thomas, Owen (13 April 2009). "Amazon.com Says 'Embarrassing' Error, Not Hacker, Censored 57,310 Gay Books". Gawker.com (Gawker Media). Retrieved 5 February 2010.
- Schwartz, Mattathias (3 August 2008). "The Trolls Among Us". NYTimes.com (The New York Times Company). Retrieved 5 February 2010.
- Thomas, Owen (3 August 2008). "Journalists do it for the lulz". Gawker.com (Gawker Media). Retrieved 5 February 2010.
- Birch, Alex (8 August 2008). "Interview: Professional Hacker and Troll Weev". Corrupt (CORRUPT.org). Retrieved 5 February 2010.
- Moe (18 September 2008). "Hacker From That Times Story On Palin Emails: "i wish they'd done it properly"". Gawker.com (Gawker Media). Retrieved 5 February 2010.
- Spencer Ante and Ben Worthen (11 June 2010). "FBI Opens Probe of iPad Breach". Wall Street Journal.
- Foresman, Chris (19 January 2011). "Goatse Security trolls were after "max lols" in AT&T iPad hack". Ars Technica. Retrieved 22 November 2012.
- Worthen, Ben; Spencer E. Ante (14 June 2010). "Computer Experts Face Backlash". WSJ.com.
- Tate, Ryan (9 June 2010). "Apple's Worst Security Breach: 114,000 iPad Owners Exposed". Gawker.com (Gawker Media). Retrieved 13 June 2010.
- United States District Court — District Court of New Jersey, Docket: MAG 11-4022 (CCC). Filed with the court 13 January 2011
- Dowell, Andrew (17 June 2010). "Programmer Detained After FBI Search". The Wall Street Journal.
- Mills, Elinor (15 June 2010). "Hacker in AT&T-iPad security case arrested on drug charges". CNET News (CNET News). Retrieved 11 July 2010.
- Perna, Gabriel (17 June 2010). "Arrested Hacker's Web Site Reveals Extremist Views". International Business Times (International Business Times). Retrieved 11 July 2010.
- weev (2010-07-05). "Hypocrites and Pharisees". Goatse.fr.
- "Criminal charges filed against AT&T iPad attackers — Computerworld". 18 January 2011.
- Porter, David (28 February 2011). "Suspect in iPad Data Theft Released on Bail in NJ". ABC News. Associated Press. Retrieved 2 March 2011.
- Stempel, Jonathan (6 July 2011). "iPad hacker Andrew Auernheimer indicted by Newark grand jury". Huffington Post. Reuters. Retrieved 12 September 2011.
- Mills, Elinor (12 September 2011). "AT&T-iPad site hacker to fight it on in court (exclusive)". CNET News. CNET News. Retrieved 12 September 2011.
- Zetter, Kim (November 20, 2012). "Hacker Found Guilty of Breaching AT&T Site to Obtain iPad Customer Data". Threat Level. Wired. Retrieved April 30, 2013.
- "Twitter status, 3:38 PM - 20 Nov 12".
- "Twitter status, 3:32 PM - 20 Nov 12".
- Auernheimer, Andrew (November 29, 2012). "Forget Disclosure — Hackers Should Keep Security Holes to Themselves". Wired. Retrieved April 30, 2013.
- Auernheimer, Andrew (2013-01-23). "iPad Hack Statement Of Responsibility". techcrunch.com. Retrieved 2013-01-28.
- Zetter, Kim (2013-01-23). "iPad Hack Statement Of Responsibility". wired.com. Retrieved 2013-03-18.
- weev (March 17, 2013). "I am weev. I may be going to prison under the Computer Fraud and Abuse Act tomorrow at my sentencing. AMA.". Reddit. Retrieved April 30, 2013.
- Brian, Matt (March 18, 2013). "Andrew 'weev' Auernheimer sentenced to 41 months for exploiting AT&T iPad security flaw". The Verge. Retrieved April 30, 2013.
- Crook, Jordan (March 22, 2013). "Andrew ‘weev’ Auernheimer Obtains New Lawyer, Files Appeal". TechCrunch.
- Elmer-DeWitt, Philip (17 June 2010). "The ugliest computer hacker". CNNMoney.com (Cable News Network. A Time Warner Company). Retrieved 18 June 2010.
- "Hacker: I was behind Amazon Gay Book Delisting". Fox News. 14 April 2009. Retrieved 11 December 2010.
- Buley, Talor (13 April 2009). "Amazon: Caught in the act". Forbes (Forbes magazine). Retrieved 11 December 2010.
- Chokshi, Niraj (10 June 2010). "Meet one of the hackers who exposed the iPad security leak". The Atlantic (The Atlantic Monthly Group). Retrieved 11 December 2010.
- Paget, Henri (9 March 2010). "Interview: Encyclopedia Dramatica moderator". Ninemsn (Ninemsn, a Microsoft and PBL Media Company). Retrieved 9 December 2010.
- Oates, John (17 March 2010). "Irate aussies go after US website". The Register. Retrieved 9 December 2010.
- Jane, Emma (5 March 2011). "Ugly trolls set internet freedom in flames". The Australian. Retrieved 29 March 2011.
- Jardin, Xeni (October 20, 2011). "Andrew "Weev" Auernheimer, hacker in AT&T iPad case, on Occupy Wall Street". Boing Boing. Retrieved April 30, 2013.
- Dean, Jodi (2010). Blog Theory: Feedback and Capture in the Circuits of Drive. Cambridge, UK: Polity Press. p. 6.
- weev's YouTube channel
- weev's LiveJournal
- weev's twitter account
- weev's online dating profile
- Andrew Auernheimer Legal Defense Fund
- Goatse Security website