Deep Dive
- Andrew Auernheimer was born in 1985 in Arkansas and described as an unusually bright kid.
- At 14, he enrolled in university to study mathematics but dropped out to focus on computers.
- He gained notoriety for his provocative online persona and extremist rhetoric.
Shownotes Transcript
By two thousand eleven, poor eglinton life was, to put IT mildly, a miss as a Young twenty something. He dreampt of making IT big in show biz. But at thirty two years old, after a long stint as a production manager in new york on broadway, the glamour of theater had lost its luster.
I was, I was to sell out, right? And because I was like, what I was like, what can I do when, at that point, your life, when you know your life, I know I need to make money, and I just arrive and I need to a future.
This illusion tour traded the drama of shakespeare for the steady paycheck of a junior associate in a big new york city corporate firm specializing in commercial insecurity litigation. On the outside, he might have looked like a success, but inside he was anything but.
I, about five years, maybe an alcoholic IT was measure more. I've never been so unhappy.
Tour decided to quit his job and become a criminal defense slaw yer, which found to be a bit more exciting than dealing with securities. The only problem was that he had absolutely no experience in criminal law and couldn't get any clients. So as he was turning forty towards, life was basically falling apart. He was broke and alcoholic, and his marriage was rapidly departed. But sometimes when you are at your lowest point, life has a way of throwing you a curvy.
And that was right about the time ocp y wall street was happening. And my wife at the time was starting her thought of during his career. And SHE since become very successful from pitch your time, he should all the but SHE was just starting out so he was shooting occupy wall street um because her for the general styles like ethnological.
And one of the ways that he gets her shots is he spends a lot of time just like talking to people and getting to know them. So SHE gets access, my really class access. So there's the sky at um occupy wall street holding a sign that says zinias pigs will kill us all.
Hi, i'm ran levy. Welcome to sib reasons, militias life.
The guy with the sign was Andrew Allen ash oran heiman, but known as weave. He was born in nineteen eighty five in arkansas. His parents described him as an unusually bright kid.
Money was just fourteen years old. Andrew enrolled at James medicine university to study mathematics, although he dropped out after two years to focus on his real passion, computers. Even as a kid, Andrew had a special talent for pissing off everyone around him.
Years later, in an interview for a podcast apple named offensive, he recalled story from when he was only ten years. So quote, I liked to play muds when I was a kid. These are like ancient text based role playing games.
I found this mud that had an inter gor underflow in the character creation process, where you could type minus one. And that specific statistic would be two hundred and fifty five. I made a script to create a character, this super overpowered character, that could kill everybody in the game.
I killed the entire player base of the smart IT was fun to like, totally ruin the scheme. And quote, IT was a pattern that would repeat throughout Angel's life, boundless intelligence pared with an insatiable urge to provoke. As he carved out his online persona, Andrew chose handle evil, evil later shortened to weave, not for simplicity, but because IT made IT easier to climb to the top of google search results.
If Andrew was going to provoke the world, he wanted to make sure everyone could find him and provoke. He did on his blog and across various online forms, we've became notorious for his inflammatory extremist rhegium. In one post from two thousand and eight, he wrote, quote, for evolution to work, we must remove unfit species from the breeding pool.
The physically unfit by birth should be exterminated in infancy uh, physically unfit by accident and mentally unfit should not be supported by the state, forcing them to find a sustainable and simple with life. And for most people, views like this would Spark universal condemnation. For we've they were just another way to write people up.
IT didn't seem to care whether people in admired him or hated him. What matter was that they noticed him? And by two thousand and seven, the public began to take notice. That year, we've was involved in one of the internet s earliest high profile cyber bullying incidents.
The target was Cathy era, fifty seven year old blogger and programing in structure, or Cathy, had angered tools when he urged bloggers to moderate reader comments to create healthier, less toxic online spaces to weave. That was a declaration of war. He retaliated viciously.
We've posted Cathy's home address and social security number online and fabricated the claims that he was a former prostitute. He encouraged other tools to join in, flooding casey with a turn of harassment. SHE became a target for identity, fifth, and the rape and death threats came by the hundreds.
The on slot was so relentless, Catherine felt he had no choice but to withdraw from public life. SHE stopped blogging, cancelled her speaking engagements and disappeared from the internet for some six years. IT was sweater first, brush with infinity and a preview of the kills. He would go on to english.
Somewhere along the way, he stumbled across a group that perfectly aligned with his ethos of provocation, the gain association of america, or G N W, its members took their accuse from one hundred and ninety to vanish certification. I film about intellective homosexual black men from the planet and is set up as absurd as their own antics. G N W S.
Trolling campaigns spared. No, they pammed blogs created shark side filled with nowhere. And he faced barac obama's campaign website. After hurricane Sandy, they spread fake news to sow panic and confusion. The more caused they caused, the more they reveal in IT.
For we've discovering the G, N, W, A was a revelation, the level of dedication applied to causing shit on the internet. IT was mind blowing. He later recalled.
I was like, holy shit. IT wasn't long before we've became a full fledged member of the group, and eventually it's president. With a few like minded members of the G N W A, we've cofounded a security research group with the name is informal as its trolling roots goat security.
The name referenced a notorious obsess internet image, and the group's moto keeping holes exposed was equal parts juvenile humor and emission statement. We ve doesn't consider himself a highly sophisticated hacker, though, by his own admission, quote, seventy percent of the things that have done that have hit internationally syndicated press I did with best scripts that were so poorly they would make any decent programme. R crich.
Encode what we've lacked in finance, though made up for with knowledge and dogging persistence. In two thousand and ten goaty security made waves by uncovering a flaw in firefox that left the browser acceptable to cross site scripting attacks and a similar one in apple's safari. The group's discoveries struggled a strange line between genuine security research and the killing .
kills we've thrived on.
In early two thousand and ten, apple unveiled a game change the ipad sleep. Powerful and futuristic, IT quickly became a must have gadget, but to truly and lesh its potential, users needed internet connectivity. Apple partner with eighteen p to offer an unlimited 3g data plan for thirty dollars a month, a bill too good to pass up for many early adopters.
Among those eying the new device was Daniel spitler, a member of gold sea security. There was just one problem. Spitler couldn't afford an ipad still that didn't stop him from trying to take advantage of a nds tempting data plan.
He purchased a sim card similar to the ones used in ipad and insert IT into another device, hoping to trick A T N T into winding him access. But A T N T system wasn't so easily food, the same card required registration through an actual ipad before the network would activate the plan. Determined to find the work around spitler began poking around the ipad Operating system, trying to reverse engineer the registry ration process.
He discovered that during registration, ipad contacted A T service through a specific you are well campaign unique identifier called an I C C I D or integrated circuit card. Identify the I C C I D was tied to the sim card and each one was unique. Spitler experimented sending a request to a services with his I C C I D.
At first nothing happened, but then he realized the servers weren't responding because his request didn't interpret or to be coming from an ipad. By spoofing the user agent field of his request to make IT look like IT originated from an ipad succeed, A T N T activated the plan. While testing the process, spitler noticed something curious.
A N T system was designed to how to fill the logging form with the users email, which was tied to their unique I C C I D. So when he created eighteen these servers with I C C I D, they sent back his email address. That's when spitler had an idea.
If the service is responded with an email for one I C C I D, what would happen if he incremental the I C C I D and sent another request? He wrote a script called account slipper to automate the process, and within hours he had collected one hundred and fourteen and thousand email advises. This wasn't just any collection of email advises.
IT was a whose and whose of high profile ipad users, media executives, politicians, celebrities. The list included new york times C, E O genet Robinson, A B, C news anchor dian sawyer, and even new york city mayor Michael bloomberg. Spitler shared his findings with his goat sea security peers, including weave, ever the showmen.
We've shown opportunity for maximum impact. While spitler had done the technical network, we've took charge of publicity. He crafted an email to several journalists using their own exposed email address to grab their attention. The subject line, hi, I stole your email from A T want to know .
how gok r broke the .
story in june two thousand and ten with the headline apple's worst security breach, one hundred and fourteen thousand ipad owners exposed. The article was a bomb shell embarrassing both A T N T and apple. A T N T, already notorious for poor service, was now publicly humiliated for exposing its most valuable customers.
But the celebration that goes security didn't last long. A few weeks later, the FBI rated leaves home in feets vio, arkansas, and arrested him after struggling to scrape together enough bail. We've was eventually released from custody, but the chAllenges didn't end there with no job and no steady income, he couldn't afford an attorney to represent him.
In the case, he had been assigned a federal defender who urged him to accept plea bargain. In fact, Daniel spitler, his accomplish, agreed to such a deal and was sentenced to twelve months in prison. The prosecution in waves case was asking for the maximum prison term under the law five years, but we've had no intention of signing any deals.
He wrote the following in his blog quote, after meeting with upwards of hundred atterley, I had resigned myself to running my case, representing myself. I had only met a single competent atterley who understood the legal issues attend in the case, but he wanted a six figure sum to do IT. After several years of nonstop federal harassment, I had not a dime to my name left.
I went to the cody park and started rolling, possibly with an inflammatory sign about the zone's occupation government. As a result, I met tour england. Cyber attacks are inevitable, but every minute counts. Reverse the adversary advantage with efficiency and efficency detect in one minute, triaged in five minutes, and remediate in thirty minutes. This is only possible with sib reasons. Malicious Operation centric approach built with the most advanced A I and strongest lair defense the highest rated solution like matter attack no one accept anything less sib reason E P P E D R M D R X D R N sdr future proving your security Operations visit sib reason that come.
So my wife goes up to him and says, you know, you're not going to a be really popular in this town with that kind of sign. You know.
true to form, we've wasn't trying to be popular. IT was the occupy wall street protest that day in two thousand eleven for the sole purpose of sowing maham, and he was certainly successful. On his right was an israeli men holding a sign saying, fuck this guy with an error pointing at tweets. And on his left, where two women supporting palestine with their own sign, which said, we'd fuck this guy.
So he starts talking him, and the conversation turns to the fact that is being prosecuted for computer crime, and he's going to go to trap. So SHE comes back home, says, I just met this guy. He's been been accused of computer crime and he's looking for a wire.
Tour google weaver's name and quickly realized who he was dealing with. But tour was so down on his luck he just didn't care .
that whatever right to do something right, like your desperate. And so I go to a bar, I meet him and we start talking and i'm like, i'll rap you you know for free um you know a trial but just understand I never done a trial before and he just said to me, yeah that's okay. Tour has kept me out of jail many a time.
The tour weave was referring to is the tour network and open source project that makes you more difficult to trace users. Internet activity. Maybe the name tour really was the deciding factor for wave, but maybe just maybe there was more to IT than that.
But first made tour acland, he saw something that set the rookie layer apart from the typical button up atterley. Beneath the suit, there was still a glimmer of the actor toward d once wanted to be trace of the performer, the Spark of my gift that had never fully faded. Just listen to the way tour warns not to google. The world goes.
The security group called cosi do not google G O A T S E. You will read that you will not be able to unc IT that A G O A T S E.
The next day, tour began to formulate his strategy for try. At the heart of wave's case was a law enacted in nineteen and eighty six called the computer fraud and abuse act, which prohibits unauthorized access to a protected computer.
The prosecution argued that what we, even Daniel ital, did, incremental icc ideas and pRobing A N T service was no different than wondering through a neighborhood trying donny s to see which doors had been left unlocked and then rifling through private doors, exposing sensitive information that was never meant to be seen, furthermore claimed the prosecution A T N T servers weren't open to just anyone. Their design required specific steps to impersonate an authorized user, such as altering the user agent field to make their requests appear as though they were coming from an ipad. Other words, this wasn't just casual browsing.
IT was deception and intentional. Same convention of digital safeguard tour with the core of waves defense around a simple argument. PRobing public facing U. R, wells couldn't be considered unauthorized access if the information was available on the open web requiring no passwords or special permissions. How could retreating IT possibly .
constitute a crime? I actually, the term I was, if you had something and you, you know, you break a password, you force the password, you get into someone system as an obvious case of an author, access, right? But cases came up like, is IT unauthorized to access to via the terms of service to a social media a and there's a famous case called drew.
I think it's from like two thousand ten or nine somewhere and there where uh this woman and this mom lies about age to get on to my space, never my space, everybody. It's like a social media site and he goes on there to arrest her teenage daughters like rival ride is another teenage girl and that teenager girl commit suicide a cyberbullying. It's a case cyber balling. And so the federal government prosecutes under the C F A. Uh under the theory when authorized to access that because you've light of my age violated ted the terms of service, the mice space and um they get a mister meaner I think conviction and then or n curer comes in or in care .
is a professor of law at you see berkely and is considered the top expert on computer flood and the computer fraud and abuse act and he .
went under the theory that um lying about your age of violating the terms of service agreement can't be unauthorized to access because then yeah millions and millions of americans are people all in the world and you lie that you will weight on a dating site anything right like minor fans are stupid stuff that you think doesn't matter all of this a family right there's all sorts debate over what are authorized access means and um and that's what they charged weave with well then how is that any different really from a google search right like um and if that was a value then your grandma do a google search in kansas or wherever. She's probably commenting felting right because there's no clear um line there.
The trial took place in new jersey before a jury and lasted a little more than a week, at the end of which the jury took just two hours to find him guilty. Tor wasn't surprised with the weaves toxic reputation and history of trolling ling tour had never expected much sympathy from the jury.
Our plan was to win on appeal. Of course you you going to try to win the out. But like the conviction rate, pat conroy trials is something like ninety nine percent. So only a four goes and think you betting just a lot of winning.
The day of the sentencing arrived, and we've saw IT is an opportunity not for condition, but for maximum publicity.
He looks at me and says, I want you to ask for the maximum set as possible. And I like what. I want you to ask for the maximum sense will get the most publicity.
I like, okay, I do right. And I remember what I did that with the judge. He goes, yes, I think we can do that right.
Tour describes the tennis atmosphere in the quarter room as everyone waited for the judge to deliver the sentence.
There's also some people outside the courthouse and there's cameras and there's us Marshals. Are that like the sort of security service to the U. S.
Court, among other things. And usually when you go into the course houses to the sort of of uncured older men and women, you are, you know, retiring. But I look at the front courthouse.
And is these guys that I like you, nf fell. Football line matters. Standing in front, the koreans sing like the one is going out, right? I can saw this like that was like a for the moment, if you have for any spells.
And so a lot of people to follow blue in the the courtroom fills up. It's like packed with weave supporters and and women so we sit down and uh beside me and he's got the king was like a tablet or something. The judge like so like live tweet the shit.
I now I look back and I am not surprised to judge a lot that. But okay, that's what was happening one point. A U. S. Marco comes up behind leave and just says, um give me your phone, you know, give me your tablet and we've says, now then the U. S.
Martial and on paraphrase ys, oh yeah, you've stupid mother fucker, you want to fuck with me and slams has faced down into the table. He gets swarmed by all these line back to N, F, L, U, S. Marshals who ve been sitting in the joy box.
The entire court woman robs, women are crying and screaming. He gets mobile and his extending his hand with the tablet, like in front of me, right as their bobbing and trying to give in to me. And one for for get judge working to just got as director.
Could you please take mister R. T. Hyper seen a fine much? sure. I take IT in a swarm of a grab and is his walking out. He yells hail areas, which is the, I guess, greek god of chaos. And they march the back holding cell y comes back out a few minutes later on the orge jump suit shackle, the new wise ankle shacked my hands and SHE gave three and half years.
As we've was let away to serve his three and a half year sentence, the task of bring him fell squarely on the shoulders of tour. He is inexperienced lawyer with public hatred for his client running high. The odds didn't look promising, but then an unexpected brick, the electronic frontier foundation, long time critics of the C.
F, A, A, had been watching the trial from a distance. Now they decided to step into the fight, and they didn't come alone. Joining them was all in care. The nation's foremost expert on computer crime law and formidable ally .
for the appeal.
That's IT for this episode .
by two was usual in two weeks, a couple of short outs. Who are listeners? Dortha from england wrote to me to tell me that he came across malicious s life a few years ago when he was pondering career change to cyber security.
And she's been hooked on the podcast ever sense thank you so much dota, and best of luck in your new career also shut out to dominic Cameron, a former B. B. C. producer. Last episode, I asked for your thoughts on using A I.
Voices as part of the podcast and dominque suggested that I add something like the following is narrated by an A I just to make sure that the listener's won't be confused and think that this is an actual historical recording of the person were according. That's a great suggestion. Dominic and I use IT in future episodes.
And while we're on the topic of A I I D like to ask you for your help, we have more than two hundred and fifty episodes of malicious life, and most of them don't have a cover image. You know, the image that goes along with the episode in the podcasting apps in the website. I was thinking about creating the images myself, but then I remember that I have the artistic proficiency of a blind gold.
So i'm asking you listening ers, would you like to help us by creating cover images for past episodes of the podcast? You could use whatever till you like, of course, including A I image generators. The only requirement is that the images be at least one thousand four hundred and forty by one thousand four hundred and forty pixel and has no N S, F W content to make sure that two or more listeners aren't working on the same episode.
Drop me line at ran and ran levy dot com, that's R A N L E V I dot com. And i'll tell you which episodes still need cover images. Thank you very much for your help, and i'm already curious to see what you all come up with.
Military life is produced by P. I. media. This epo de was written by me and did by me.
No son sound design by shelling guter. Our website is malicious life. You can follow us on twitter and at malicious s life.
Follow me at at rand vy R A N L E V I. thanks. A sad reason on the right in the podcast. Learn more sub reason that come .
bye bye Z K music, k music, k music, k music, music.