Expose A Blatant Security Hole In AT&T’s Servers, Get 3.5 Years In Jail
http://www.techdirt.com/articles/20130318/23033422370/expose-blatant-security-hole-ats-servers-get-35-years-jail.shtml
I didn’t look beyond this article, so it is entirely possible that it is slanted so in favor of the accused that a balanced view would show the outrage is unjustified, but knowing what I do know about infosec, nothing here surprises me at the slightest and I suspect it is fully justified outrage.
The real problem is that there are increasingly likely to be fewer people who investigate infosec and the ones that remain will be intent on selling their discoveries to the bad guys rather than attempting to do a public notification. Even if this guy did break some legitimate laws (what the hell does that mean now when our own government routinely breaks laws and illegally throws people in jail (or kills them)?) it would seem to me that society has clearly benefited from his activity (AT&T patched their software) so any punishment in excess of parole seems entirely focused on sending a message to potential hackers/crackers.
Man this is a great country!