>It was doing that with the knowledge that the target was not meant to be public
AT&T's intent isn't really relevant. The fact is, they published all of those emails publicly. They certainly didn't mean to, but I fail to see how accessing public websites can be considered a crime, even if you access lots of them when the company doesn't want you to. If I forget to close my blinds before having sex, that doesn't make anyone who walks by on the street and sees me a criminal. Nor are they criminals if they take a picture and post it on reddit. It's your job not to expose that material publicly if you want it to be private.
>storing that information, and sharing it with the media.
Neither of these are acts that should be considered criminal, just as the storing and uploading to reddit of an embarrassing photo is not criminal. Would it still have been criminal if he had passed the bash one-liner to the media, instead? What's the difference? The responsibility for the leak still resides with AT&T, and them alone.
Now, none of this is to say that I condone of weev's actions. I certainly would have handled the situation differently. But being rude and being a criminal are not synonymous.
> AT&T's intent isn't really relevant. The fact is, they published all of those emails publicly. They certainly didn't mean to, but I fail to see how accessing public websites can be considered a crime, even if you access lots of them when the company doesn't want you to.
In the meatspace it happens all the time that you can get in trouble for being somewhere you're not supposed to even if they forgot to hit the locks on the way out.
Or for a possibly more relevant example, what happens in real life if you find an ATM that has an error such that it gives you twice as much cash as you asked for? Is it still theft if you take it? (Hint: Yes)
Should that equate to a felony here, where no authentication shenanigans were employed? I don't think so, but I wish we'd quit with the victim blaming here on HN.
I also wish we'd separate the enforcability of something from its morality or legality. There's many, many minor things wrong that people can do that even the current state can't hope to fully enforce, but that doesn't make it right, it makes it a fact of life. But if you do somehow get caught doing something that 99% of the rest manage to get away with, shame on you.
By the way, that ATM example wasn't made up: http://investorplace.com/2012/11/faulty-atm-gives-out-extra-... (the Bank opted not to try to find out which customers took the money, due to the difficulty with getting accurate evidence, not because it was right to take the money)
You're absolutely right, and I'd call that a failing of the law. Just because someone intends to create a system with some degree of security does not mean people who access said unsecured system should be considered criminals.
AT&T's intent isn't really relevant. The fact is, they published all of those emails publicly. They certainly didn't mean to, but I fail to see how accessing public websites can be considered a crime, even if you access lots of them when the company doesn't want you to. If I forget to close my blinds before having sex, that doesn't make anyone who walks by on the street and sees me a criminal. Nor are they criminals if they take a picture and post it on reddit. It's your job not to expose that material publicly if you want it to be private.
>storing that information, and sharing it with the media.
Neither of these are acts that should be considered criminal, just as the storing and uploading to reddit of an embarrassing photo is not criminal. Would it still have been criminal if he had passed the bash one-liner to the media, instead? What's the difference? The responsibility for the leak still resides with AT&T, and them alone.
Now, none of this is to say that I condone of weev's actions. I certainly would have handled the situation differently. But being rude and being a criminal are not synonymous.