So this morning, I read
this, and am boiling mad about it.
Behind that link you will find a 'statement of responsibility', penned by Andrew Auernheimer, otherwise known as 'weev'. Auernheimer was recently convicted of identity theft and cracking, and is awaiting sentencing. The letter is his court-mandated admission of culpability (but it probably isn't what the prosecutors would have expected him to write.)
Briefly, weev discovered that AT&T had published the email addresses of everyone who had a 3G iPad with them. He took this information to a reporter at Gawker, including a sample of the addresses. When Gawker published an article on the vulnerability, including some redacted addresses, the FBI jumped all over weev with hob-nailed boots.
The case bears some striking similarities with that of the late lamented Aaron Swartz. The information weev was convicted of illegally accessing was publicly accessible via AT&T's own API, just as Swartz's JSTOR dump was something he had free access to as a Harvard faculty member. In both cases prosecutors acted, in my opinion, out of all proportion to the offences. It is no exaggeration to say that Swartz was hounded to his death, and it looks like weev is being targeted in much the same way.
(It's worth remembering the number of HSBC bankers who have been sent to jail for billions of dollars of money laundering on behalf of murderous drug cartels (0) or the number of CIA agents who have been sent to jail over government-sanctioned torture (1 - the guy who blew the whistle.))
I bring this up here because we can debate whether these guys were
naughty or not - weev went to the press, Swartz wanted to liberate the JSTOR data, Al-Khabaz acted pretty unwisely - but I don't think there's any debate about the completely disproportionate response in each case. No harm was done, but the reaction of the establishment to a clever young person pointing out what's wrong with their systems is nevertheless to try to crush them like an insect.
These are the people who are going to build the next Google or Apple or Twitter, or they might be the people who find ways to engineer a better and safer society. If we don't manage to kill them or jail them first.