Tell your friends

 This email address is being protected from spambots. You need JavaScript enabled to view it.
(732) 872-1957

AHH 24-Hr. News

Two Education Officials Join Brookdale Board
Saturday, 22 November 2014
LINCROFT, NJ – Dr. Henry Cram of Long Branch and Paul Crupi of Ocean were sworn in as the newest members of the Brookdale Community College board of trustees during the board’s Nov. 20 annual meeting in Lincroft. Cram, a former teacher, college... Read More...
Lots of Holiday Cheer at the Art Alliance
Saturday, 22 November 2014
100 Square Inches, Betsey Regan, And the Artisan Show & Sale RED BANK, NJ - Hate waiting for the show to end so you can get that art piece you love? As a gift for the holidays, the Art Alliance will let you buy a work in the gallery and... Read More...
Novelist Julia Alvarez to Speak at Brookdale
Saturday, 22 November 2014
LINCROFT, NJ – Community members of all ages are invited to an evening with award-winning novelist Julia Alvarez at Brookdale Community College’s Collins Arena on Tuesday, Nov. 25 from 7 to 9 p.m. The discussion will center on Alvarez’s... Read More...
IMAGE The Community YMCA Bayshore Family Success Center “Ties” Itself to New Community at Their Open House in Leonardo
Friday, 21 November 2014
Photo: The staff of the Bayshore Family Success Center with The Community YMCA President and CEO Rhonda Anderson, at the ribbon tying during their open house on November 20.  Pictured L-R are: Alicia Maresco, Megan Kelly, Rhonda Anderson,... Read More...
Major Loophole in NJ Microbeads Ban Legislation
Friday, 21 November 2014
5 Gyres, NY/NJ Baykeeper, and Clean Ocean Action support alternative Keyport, N.J. - New Jersey Bill S2178 would phase out plastic microbeads in personal care products such as toothpastes and exfoliating face washes, beginning January... Read More...

Columns

IMAGE Chronic Fatigue Syndrome Often Not Believed
by Daniel J. Vance
Saturday, 22 November 2014
Chronic Fatigue Syndrome (CFS), also called Chronic Fatigue Immune Dysfunction Syndrome, had Carl Miller of Georgetown, Ohio, and his doctors,... Read More...
IMAGE Imparted Concepts
by George Hancock-Stefan
Friday, 21 November 2014
I heard on the news that a baseball player, Giancarlo Stanton, received the highest salary that has ever been paid ($325 million over 13... Read More...
IMAGE Review - Interstellar
by David Prown
Friday, 21 November 2014
I was definitely not jonesing to see "Interstellar" as I'm not really a big special effects guy however I've always liked space movies. My son saw it... Read More...
IMAGE Take It From Snoopy
by Anne Mikolay
Thursday, 20 November 2014
Recently, I cleaned out a trunk full of ancient artifacts from my high school days and came across a little book titled “Happiness is a warm... Read More...
IMAGE Happy Birthday to a Group Very Special to Atlantic Highlands
by Jack Archibald
Thursday, 20 November 2014
This column typically avoids mentioning birthdays, as each of us is special and our birthday is something to be celebrated.  But a recent... Read More...

Upcoming Events

Sat Nov 22 @10:00AM - 12:00AM
Chess Class - AH
Mon Nov 24 @11:00AM - 01:00PM
Diabetes Awareness Day
Wed Nov 26 @ 9:30AM - 10:00AM
Baby Story Time Ages 10 – 24 months
Wed Nov 26 @10:30AM - 10:50AM
Toddler Story Time Ages 2 & 3
Thu Nov 27 @ 9:00AM - 11:00AM
Middletown Mayor Open Office Hours

NEWARK, NJ—The head of a self-described “security research” hacking group was sentenced today to 41 months in prison for breaching AT&T’s servers, stealing e-mail addresses and other personal information belonging to approximately 120,000 Apple iPad users, and disclosing that information to an Internet magazine, U.S. Attorney Paul J. Fishman announced.

Andrew Auernheimer, 27, of New York, was convicted November 20, 2012, on both counts of a superseding indictment: conspiracy to access AT&T’s servers without authorization and disclose that information to a reporter at Gawker magazine and possession and transfer of means of identification for more than 120,000 iPad users. Auernheimer was tried before U.S. District Judge Susan D. Wigenton, who imposed the sentence today in Newark federal court. His co-conspirator, Daniel Spitler, 27, of San Francisco, California, previously pleaded guilty to the same charges and is awaiting sentencing.

“Andrew Auernheimer knew he was breaking the law when he and his partner hacked into AT&T’s servers and stole personal information from unsuspecting iPad users,” U.S. Attorney Fishman said. “When it became clear that he was in trouble, he concocted the fiction that he was trying to make the Internet more secure and that all he did was walk in through an unlocked door. The jury didn’t buy it, and neither did the court in imposing sentence upon him today.”

“Auernheimer coordinated a self-serving cyber attack on a United States corporation and tens of thousands of innocent customers, in order to promote his business,” FBI Acting Special Agent in Charge David Velazquez said. “Immediately after the attack he attempted to hide all the evidence. Auernheimer’s conviction and today’s sentence signifies the continued and growing efforts of the U.S. Attorney’s Office and the FBI in investigating and prosecuting computer hacking and intellectual property crimes.”

According to documents filed in this case and the evidence at trial:

The iPad is a touch-screen tablet computer, developed and marketed by Apple Computers Inc., that allows users to, among other things, access the Internet and send and receive e-mail. Since its introduction in January 2010, AT&T has provided iPad users with Internet connectivity via AT&T’s 3G wireless network. During the registration process for subscribing to the network, a user is required to provide an e-mail address, billing address, and password.

Prior to mid-June 2010, AT&T automatically linked an iPad 3G user’s e-mail address to the Integrated Circuit Card Identifier (ICC-ID), a number unique to the user’s iPad, when he or she registered. Every time a user accessed the AT&T website, the ICC-ID was recognized and the e-mail address was automatically populated for faster, user-friendly access to the site. AT&T kept the ICC-IDs and associated e-mail addresses confidential.

At that time, when an iPad 3G communicated with AT&T’s website, its ICC-ID was automatically displayed in the Universal Resource Locator, or URL, of the AT&T website in plain text. Seeing this, and discovering that each ICC-ID was connected to an iPad 3G user e-mail address, hackers wrote a script termed the “iPad 3G Account Slurper” and deployed it against AT&T’s servers.

The Account Slurper attacked AT&T’s servers for several days in early June 2010 and was designed to harvest as many ICC-ID/e-mail address pairings as possible. It worked by mimicking the behavior of an iPad 3G so that AT&T’s servers would be deceived into granting the Account Slurper access. Once deployed, the Account Slurper used a process known as a “brute force” against the servers, randomly guessing at ranges of ICC-IDs. An incorrect guess was met with no additional information, while a correct guess was rewarded with an ICC-ID/e-mail pairing for a specific, identifiable iPad 3G user.

From June 5, 2010 through June 9, 2010, the Account Slurper stole for its hacker-authors approximately 120,000 ICC-ID/e-mail address pairings for iPad 3G customers.

Immediately following the theft, the hacker-authors of the Account Slurper provided the stolen e-mail addresses and ICC-IDs to the website Gawker, which published the stolen information in redacted form, along with an article concerning the breach. The article indicated that the breach “exposed the most exclusive e-mail list on the planet,” and named a number of famous individuals whose e-mails had been compromised, including Diane Sawyer, Harvey Weinstein, New York Mayor Michael Bloomberg, and then-White House Chief of Staff Rahm Emanuel. The article also stated that iPad users could be vulnerable to spam marketing and malicious hacking. A group calling itself “Goatse Security” was identified as obtaining the subscriber data.

Goatse Security is a so-called “security research” group, composed of Internet hackers, to which both Spitler and Auernheimer belonged.

During the data breach, co-defendant Daniel Spitler and Auernheimer communicated with one another using Internet Relay Chat, an Internet instant messaging program. Those chats not only demonstrated that Spitler and Auernheimer were responsible for the data breach, but also that they conducted the breach to simultaneously damage AT&T and promote themselves and Goatse Security. As the data breach continued, so, too, did the discussions between Spitler, Auernheimer, and other Goatse Security members about the best way to take advantage of the breach and associated theft. On June 10, 2010, immediately after going public with the breach, Spitler and Auernheimer discussed destroying evidence of their crime.

In addition to the prison term, Judge Wigenton sentenced Auernheimer to three years of supervised release and ordered him to pay restitution of $73,162.

U.S. Attorney Fishman credited special agents of the FBI, under the direction of Acting Special Agent in Charge David Velazquez in Newark, with the investigation leading to the charges. He also thanked special agents of the FBI, under the direction of then-Special Agent in Charge Valerie Parlave in Little Rock, Arkansas, and the U.S. Attorney’s Office for the Western District of Arkansas, under the direction of U.S. Attorney William Conner Eldridge.

The government is represented by Executive Assistant U.S. Attorney Michael Martinez and Assistant U.S. Attorney Zach Intrater of the Computer Hacking and Intellectual Property Section of the U.S. Attorney’s Office Economic Crimes Unit.