Andrew Alan Escher Auernheimer (// AW-rən-hy-mər; born September 1, 1985), also known by his pseudonym weev, is an American grey hat hacker and Internet troll. He has identified himself using a variety of aliases to the media, although most sources correctly provide his first name as Andrew.
Auernheimer claimed responsibility for the disruption to Amazon's services in April 2009 when many books on gay issues were reclassified as pornography. Amazon claimed that Auernheimer was not responsible for the incident. Even before the Amazon incident, several media publications profiled Auernheimer regarding his hacking and trolling activities, notably The New York Times, in which he claimed to be a member of a hacker group called “the organization,” making $10 million annually. He also claimed to be the owner of a Rolls-Royce Phantom. After the Times story on Auernheimer was published, reporters sought out Auernheimer for commentary on hacking-related stories. Gawker published a story on the Sarah Palin email hacking incident and prominently featured Auernheimer's comments in the title of the story.
AT&T data breach
Auernheimer is a member of the group of computer experts known as "Goatse Security" that exposed a flaw in AT&T security which allowed the e-mail addresses of iPad users to be revealed. Contrary to what it first claimed, the group revealed the security flaw to Gawker Media before AT&T had been notified, and also exposed the data of 114,000 iPad users, including those of celebrities, the government and the military. The actions of this group re-provoked the debate on the disclosure of security flaws. Auernheimer maintains that Goatse Security used common industry standard practices and has said that "we tried to be the good guys". Jennifer Granick of the Electronic Frontier Foundation has also defended the tactics used by Goatse Security.
Shortly after the investigation was opened, Auernheimer's house was raided by the FBI and local police. The FBI search was related to its investigation of the AT&T security breach, but Auernheimer was subsequently detained on state drug charges. Police allege that, during their execution of the search warrant related to the AT&T breach, they found cocaine, ecstasy, LSD, and schedule 2 and 3 pharmaceuticals. He was released on a $3,160 bail pending state trial. After his release on bail, he broke a gag order to protest what he maintained were violations of his civil rights. In particular, he disputed the legality of the search of his house and denial of access to a public defender. He also asked for donations via PayPal, to defray legal costs.
In January 2011, all drug-related charges were dropped immediately following Auernheimer's arrest by federal authorities. The U.S. Justice Department announced that he would be charged with one count of conspiracy to access a computer without authorization and one count of fraud. Although his co-defendant, Daniel Spitler, was quickly released on bail, Auernheimer was initially denied bail due to his unemployment and lack of a family member to host him before being released on $50,000 bail in late February 2011. Auernheimer was incarcerated in the Federal Transfer Center, Oklahoma City in February 2011. A federal grand jury in Newark, New Jersey, indicted Auernheimer with one count of conspiracy to gain unauthorized access to computers and one count of identity theft in early July 2011. In September 2011 he was free on bail and raising money for his legal defense fund.
On 20 November 2012, Auernheimer was found guilty of one count of identity fraud and one count of conspiracy to access a computer without authorization. Auernheimer tweeted that he would appeal the ruling. Alex Pilosov, a friend who was also present for the ruling, tweeted that Auernheimer would remain free on bail until sentencing, "which will be at least 90 days out."
On 29 November 2012, Auernheimer authored an article in Wired Magazine entitled "Forget Disclosure - Hackers Should Keep Security Holes to Themselves," advocating the disclosure of any zero-day exploit only to individuals who will "use it in the interests of social justice."
[...]Aaron dealt with his indictment so badly because he thought he was part of a special class of people that this didn’t happen to. I am from a rundown shack in Arkansas. I spent many years thinking people from families like his got better treatment than me. Now I realize the truth: The beast is so monstrous it will devour us all.
On 18 March 2013, after being found guilty of identity fraud and conspiracy to access a computer without authorization, Auernheimer was sentenced to 41 months in federal prison and ordered to pay $73,000 in restitution. Just prior to his sentencing, he posted an "Ask Me Anything" thread on Reddit; comments such as "I hope they give me the maximum, so people will rise up and storm the docks" and "My regret is being nice enough to give AT&T a chance to patch before dropping the dataset to Gawker. I won't nearly be as nice next time" were cited by the prosecution as justification for the sentence.
Auernheimer is serving his sentence at the Federal Correctional Institution, Allenwood Low, a low-security federal prison in Pennsylvania, and is scheduled for release in January 2016. On July 1, 2013, Auernheimer's legal team filed a brief with the Third Circuit Court of Appeals, arguing that Auernheimer's convictions should be reversed because he had not violated the relevant provisions of the Computer Fraud and Abuse Act.
Political views and critical reception
Auernheimer has published a number of podcasts and keeps a LiveJournal blog in which he offers commentary on racial and cultural issues. His views have proved controversial, causing Philip Elmer-DeWitt to dub him "the ugliest computer hacker". Rolling Stone calls his hacking results racist and homophobic while others have interpreted his work as deliberately offensive humor, with Fox News calling it "offensive and witty detail" and a Forbes author telling readers to "think: Shakespeare's Puck". This interpretation is in dispute, with an Atlantic magazine author calling the Puck reference "oddly generous".
Auernheimer is an advocate for free speech. He defended the satirical wiki Encyclopedia Dramatica in a Ninemsn interview which was cited as "rather brilliant" in an article about Australian Internet censorship published in The Register.
Auernheimer is the former president of the Gay Nigger Association of America, an anti-blogging trolling group who take their name from the 1992 Danish movie Gayniggers from Outer Space. Members of Goatse Security involved with the iPad hack are also members of GNAA. Auernheimer also claimed responsibility for posting a false account of Kathy Sierra's career in 2007 including claims that she was a former prostitute, along with her actual address and Social Security number. This led to her receiving death threats and threats of sexual violence, and her online absence from 2007 through to 2013. Auernheimer has since denied these allegations against him, "I have never done anything to her, and couldn't care less about her one way or the other."
- Wallworth, Adam (19 January 2011). "Fayetteville man charged in e-mail scam". NWA Online. NWA Media. Retrieved 20 August 2011.
- Voigt, Kurt (21 January 2011). "No bail for 2nd iPad e-mail address theft suspect". MSNBC.com. Associated Press. Retrieved 15 February 2011.
- John Leyden (7 July 2010). "AT&T iPad 'hacker' breaks gag order to rant at cops". The Register.
- Mills, Elinor (10 June 2010). "Hacker defends going public with AT&T's iPad data breach (Q&A)". CNET News.
- Elinor Mills (15 June 2010). "Hacker in AT&T-iPad Security Case Arrested". CBS News.
- Thomas, Owen (13 April 2009). "Why It Makes Sense That a Hacker's Behind Amazon's Big Gay Outrage". Gawker.com (Gawker Media). Retrieved 5 February 2010.
- Fowler, Geoffrey A. (14 April 2009). "Did "Weev" Play a Role in Amazon "Error?"". WSJ Blogs (The Wall Street Journal). Retrieved 5 February 2010.
- Thomas, Owen (13 April 2009). "Amazon.com Says 'Embarrassing' Error, Not Hacker, Censored 57,310 Gay Books". Gawker.com (Gawker Media). Retrieved 5 February 2010.
- Schwartz, Mattathias (3 August 2008). "The Trolls Among Us". NYTimes.com (The New York Times Company). Retrieved 5 February 2010.
- Thomas, Owen (3 August 2008). "Journalists do it for the lulz". Gawker.com (Gawker Media). Retrieved 5 February 2010.
- Birch, Alex (8 August 2008). "Interview: Professional Hacker and Troll Weev". Corrupt (CORRUPT.org). Retrieved 5 February 2010.
- Moe (18 September 2008). "Hacker From That Times Story On Palin Emails: "i wish they'd done it properly"". Gawker.com (Gawker Media). Retrieved 5 February 2010.
- Spencer Ante and Ben Worthen (11 June 2010). "FBI Opens Probe of iPad Breach". Wall Street Journal.
- Foresman, Chris (19 January 2011). "Goatse Security trolls were after "max lols" in AT&T iPad hack". Ars Technica. Retrieved 22 November 2012.
- Worthen, Ben; Spencer E. Ante (14 June 2010). "Computer Experts Face Backlash". WSJ.com.
- Tate, Ryan (9 June 2010). "Apple's Worst Security Breach: 114,000 iPad Owners Exposed". Gawker.com (Gawker Media). Retrieved 13 June 2010.
- United States District Court — District Court of New Jersey, Docket: MAG 11-4022 (CCC). Filed with the court 13 January 2011
- Dowell, Andrew (17 June 2010). "Programmer Detained After FBI Search". The Wall Street Journal.
- Mills, Elinor (15 June 2010). "Hacker in AT&T-iPad security case arrested on drug charges". CNET News (CNET News). Retrieved 11 July 2010.
- Perna, Gabriel (17 June 2010). "Arrested Hacker's Web Site Reveals Extremist Views". International Business Times (International Business Times). Retrieved 11 July 2010.
- weev (2010-07-05). "Hypocrites and Pharisees". Goatse.fr.
- "Criminal charges filed against AT&T iPad attackers — Computerworld". 18 January 2011.
- Porter, David (28 February 2011). "Suspect in iPad Data Theft Released on Bail in NJ". ABC News. Associated Press. Retrieved 2 March 2011.
- Stempel, Jonathan (6 July 2011). "iPad hacker Andrew Auernheimer indicted by Newark grand jury". Huffington Post. Reuters. Retrieved 12 September 2011.
- Mills, Elinor (12 September 2011). "AT&T-iPad site hacker to fight it on in court (exclusive)". CNET News. CNET News. Retrieved 12 September 2011.
- Zetter, Kim (November 20, 2012). "Hacker Found Guilty of Breaching AT&T Site to Obtain iPad Customer Data". Threat Level. Wired. Retrieved April 30, 2013.
- "Twitter status, 3:38 PM - 20 Nov 12".
- "Twitter status, 3:32 PM - 20 Nov 12".
- Auernheimer, Andrew (November 29, 2012). "Forget Disclosure — Hackers Should Keep Security Holes to Themselves". Wired. Retrieved April 30, 2013.
- Auernheimer, Andrew (2013-01-23). "iPad Hack Statement Of Responsibility". techcrunch.com. Retrieved 2013-01-28.
- Zetter, Kim (2013-01-23). "iPad Hack Statement Of Responsibility". wired.com. Retrieved 2013-03-18.
- weev (March 17, 2013). "I am weev. I may be going to prison under the Computer Fraud and Abuse Act tomorrow at my sentencing. AMA.". Reddit. Retrieved April 30, 2013.
- Brian, Matt (March 18, 2013). "Andrew 'weev' Auernheimer sentenced to 41 months for exploiting AT&T iPad security flaw". The Verge. Retrieved April 30, 2013.
- Crook, Jordan (March 22, 2013). "Andrew ‘weev’ Auernheimer Obtains New Lawyer, Files Appeal". TechCrunch.
- "Inmate Locator: Register # 10378-010". Federal Bureau of Prisons. Retrieved 1 December 2013.
- Kerr, Orin (July 1, 2013). "Appellant's Brief Filed in United States v. Auernheimer". The Volokh Conspiracy. Retrieved July 5, 2013.
- "Orin Kerr's Appeal Brief for Andrew "Weev" Auernheimer - Another CFAA Case". Groklaw. 2 July 2013. Retrieved 7 July 2013.
- Elmer-DeWitt, Philip (17 June 2010). "The ugliest computer hacker". CNNMoney.com (Cable News Network. A Time Warner Company). Retrieved 18 June 2010.
- Clark, Meredith. "The New Political Prisoners: Leakers, Hackers and Activists". Rolling Stone. Retrieved July 19, 2013.
- "Hacker: I was behind Amazon Gay Book Delisting". Fox News. 14 April 2009. Retrieved 11 December 2010.
- Buley, Talor (13 April 2009). "Amazon: Caught in the act". Forbes (Forbes magazine). Archived from the original on 2 January 2013. Retrieved 11 December 2010.
- Chokshi, Niraj (10 June 2010). "Meet one of the hackers who exposed the iPad security leak". The Atlantic (The Atlantic Monthly Group). Retrieved 11 December 2010.
- Paget, Henri (9 March 2010). "Interview: Encyclopedia Dramatica moderator". Ninemsn (Ninemsn, a Microsoft and PBL Media Company). Retrieved 9 December 2010.
- Oates, John (17 March 2010). "Irate aussies go after US website". The Register. Retrieved 9 December 2010.
- Jane, Emma (5 March 2011). "Ugly trolls set internet freedom in flames". The Australian. Retrieved 29 March 2011.
- Jardin, Xeni (October 20, 2011). "Andrew "Weev" Auernheimer, hacker in AT&T iPad case, on Occupy Wall Street". Boing Boing. Retrieved April 30, 2013.
- Dean, Jodi (2010). Blog Theory: Feedback and Capture in the Circuits of Drive. Cambridge, UK: Polity Press. p. 6.
- "CHILDISH GAMBINO RECRUITS CHANCE THE RAPPER, JHENÉ AIKO AND AZEALIA BANKS FOR BECAUSE THE INTERNET LP". FACT. 10 November 2013. Retrieved 19 November 2013.
- weev's YouTube channel
- weev's LiveJournal
- weev's twitter account
- weev's online dating profile
- Andrew Auernheimer Legal Defense Fund
- Goatse Security website