

EFF Joins Andrew Auernheimer Case on Appeal - molowhq
https://www.eff.org/press/releases/eff-joins-andrew-auernheimer-case-appeal

======
darkchasma
I was hoping they wouldn't, this isn't the guy I want to rally behind. He's
foul, delusional, at best grey hat, and apparently a pharmacologist on the
side. The EFF needs to pick its battles better. Double down on cases like
Aaron's, and let this guy hang on his own stupidity.

~~~
david_shaw
This is such a tough issue for me.

On one hand, I absolutely support the cause that the EFF is trying to
champion. It reminds me of the classic case in the American free speech vs.
hate speech debate: should Nazis be allowed to organize a peaceful rally to
further their thinly-veiled racist ideals?

I have had personal interaction with weev for years, and while I don't think
he's _vile_ per se, he is most definitely not the ideal that the EFF and other
groups should rally behind to bring this fight to the limelight... mostly
because he's not likable. It disgusts me to say it, but it's true: if you want
public support, you need a likable figurehead.

In the end, though, I can't fault the EFF. As the famous Hall quote states:

    
    
         "I disapprove of what you say, but I 
         will defend to the death your right to 
         say it."

~~~
rhizome
Since it's the majority opinion at this early stage of the thread, what
exactly is the ideal being sought?

~~~
jamesaguilar
The ideal is: you should be legally allowed to fetch and use any public
document on internet, even if you know or should know its owner intended it to
be private.

~~~
smtddr
> _you should be legally allowed to fetch and use any public document on
> internet, even if you know or should know its owner intended it to be
> private._

That's a bit too general isn't it? If I hacked H&R Block and gave the tax
documents of 5,000 people to journalist should I not face some kind of
consequence? Not that I'm on AT&T's side on this; just saying the line needs
to be drawn somewhere. Revealing emails, to me, shouldn't be a crime at all.
Revealing the kind of info found on tax-forms however should have some kind of
penalty.

~~~
bigiain
"If I hacked H&R Block and gave the tax documents of 5,000 people to
journalist should I not face some kind of consequence?"

As I see it - if H&R Block had a public webserver which used an easily
innumerable url to "protect" the tax documents of 5000 people - it's H&R Block
who should be "facing the consequences".

Ignoring for a moment the distraction about weev's likableness and/or
character, where's the outrage against AT&T for their part? If it's been a
teenaged scriptkiddie from somewhere that US jurisdiction (and oil interests)
don't reach (like most of these WordPress admin logins my fail2ban config is
seeing these last few days), wouldn't it be _much_ more obviously AT&T's
"fault"?

Hell, where I live it's an offense to leave your car unlocked :
[http://www.police.nsw.gov.au/community_issues/crime_preventi...](http://www.police.nsw.gov.au/community_issues/crime_prevention/public_transport_and_traffic)
(scroll down to the first bullet point under "Help Stop Car Theft"). Why isn't
someone at AT&T facing jail time here?

~~~
AnthonyMouse
>Ignoring for a moment the distraction about weev's likableness and/or
character, where's the outrage against AT&T for their part?

There's the rub though. AT&T isn't a human, so who do you punish? You can fine
AT&T the company, but that's not punishing the people who left the site like
that, it's punishing the stockholders. Stockholders really don't like to be
liable for the actions of fairly low level subordinates like that, and they
have the political influence to make sure that doesn't happen. You could try
to go after the specific admins who set up the site insecurely, but they're
not unsympathetic people. The ones who do things like this are mostly people
who are overworked or poorly trained through no fault of their own. The people
who are really at fault, then, are the ones who hired admins without proper
training or experience or put so much workload on them that they couldn't
adequately do their jobs, but now you're talking about corporate executives
who (like stockholders) don't like to be personally liable for the actions of
subordinates and who have the political influence to make sure that doesn't
happen.

So we're left with a situation where there is no one good to punish, but we
have to punish _someone_ , don't we? Something bad has happened! So we kill
the messenger. The messenger doesn't have any lobbyists on staff.

What's missing from all this is that we really don't have to punish anyone.
Just let the vulnerabilities be published. Companies don't want to hear that
because it very publicly makes them look as dumb as they are, but if they
can't stop it by threatening anyone with prison then the only way they can do
it is by maintaining secure systems. Which means they will, or they'll face
the penalties of the court of public opinion.

Where in this dynamic is there a need for intervention by the federal prison
system?

