Language Selection

English French German Italian Portuguese Spanish

AOL Worker Who Stole E-Mail List Sentenced

Filed under
Legal

A former America Online software engineer was sentenced Wednesday to a year and three months in prison for stealing 92 million screen names and e-mail addresses and selling them to spammers who sent out up to 7 billion unsolicited e-mails.

"I know I've done something very wrong," a soft-spoken and teary eyed Jason Smathers told U.S. District Judge Alvin Hellerstein.

The judge credited the 25-year-old former Harpers Ferry, W. Va., resident for his contrition and efforts to help the government before he pleaded guilty to conspiracy charges. A plea deal had called for a sentence of at least a year and a half in prison.

In a letter from Smathers to the court that was read partially into the record by Assistant U.S. Attorney David Siegal, Smathers tried to explain the crimes that AOL has said cost the company at least $400,000 and possibly millions of dollars.

"Cyberspace is a new and strange place," Siegal said Smathers wrote. "I was good at navigating in that frontier and I became an outlaw."

As the judge indicated he would be lenient toward Smathers, Siegal told Hellerstein that the public needs to learn from the case that the "Internet is not lawless."

"The public at large has an interest in making sure people respect the same values that apply in everyday life, on the Internet," Siegal said.

The judge imposed the reduced sentence of one year and three months, saying he recognized that Smathers cooperated fully with the government but did not have the kind of information that would have helped to build other criminal cases.

He said leniency was appropriate for "someone who tries hard to bare his soul but doesn't have the information the government needs."

In December, Hellerstein rejected the first attempt by Smathers to plead guilty, saying he was not convinced he had actually committed a crime. The judge accepted the plea in February, saying prosecutors had sufficiently explained why he had.

Smathers has admitted that he accepted $28,000 from someone who wanted to pitch an offshore gambling site to AOL customers, knowing that the list of screen names might make its way to others who would send e-mail solicitations.

The judge has recommended that Smathers be forced to pay $84,000 in restitution, triple what he earned. The imposition of restitution was delayed to give AOL a chance to prove the damages were much greater. The judge suggested the figure of at least $400,000 in damages was subjective.

Prosecutors said Smathers had engaged in the interstate transportation of stolen property and had violated a new federal CAN-SPAM law, short for Controlling the Assault of Non-Solicited Pornography and Marketing Act, which is meant to diminish unsolicited e-mail messages about everything from Viagra to mortgages.

In December, the judge said he had dropped his own AOL membership because he received too much spam.

America Online Inc., a wholly owned subsidiary of Time Warner Inc., has since launched a major assault on spam, significantly reducing unsolicited e-mails.

Smathers was fired by AOL last June. Authorities said he used another employee's access code to steal the list of AOL customers in 2003 from its headquarters in Dulles, Va.

Smathers allegedly sold the list to Sean Dunaway, of Las Vegas, who used it to send unwanted gambling advertisements to subscribers of AOL, the world's largest Internet provider. Charges are pending against Dunaway.

The stolen list of 92 million AOL addresses included multiple addresses used by each of AOL's estimated 30 million customers. It is believed to be still circulating among spammers.

The judge refused a Probation Department recommendation that Smathers be banned from his profession, saying he trusted Smathers had learned his lesson.

Associated Press

More in Tux Machines

Kernel Space: Linux, Graphics

  • Linux kernel bug delivers corrupt TCP/IP data to Mesos, Kubernetes, Docker containers
    The Linux Kernel has a bug that causes containers that use veth devices for network routing (such as Docker on IPv6, Kubernetes, Google Container Engine, and Mesos) to not check TCP checksums. This results in applications incorrectly receiving corrupt data in a number of situations, such as with bad networking hardware. The bug dates back at least three years and is present in kernels as far back as we’ve tested. Our patch has been reviewed and accepted into the kernel, and is currently being backported to -stable releases back to 3.14 in different distributions (such as Suse, and Canonical). If you use containers in your setup, I recommend you apply this patch or deploy a kernel with this patch when it becomes available. Note: Docker’s default NAT networking is not affected and, in practice, Google Container Engine is likely protected from hardware errors by its virtualized network.
  • Performance problems
    Just over a year ago I implemented an optimization to the SPI core code in Linux that avoids some needless context switches to a worker thread in the main data path that most clients use. This was really nice, it was simple to do but saved a bunch of work for most drivers using SPI and made things noticeably faster. The code got merged in v4.0 and that was that, I kept on kicking a few more ideas for optimizations in this area around but that was that until the past month.
  • Compute Shader Code Begins Landing For Gallium3D
    Samuel Pitoiset began pushing his Gallium3D Mesa state tracker changes this morning for supporting compute shaders via the GL_ARB_compute_shader extension. Before getting too excited, the hardware drivers haven't yet implemented the support. It was back in December that core Mesa received its treatment for compute shader support and came with Intel's i965 driver implementing CS.
  • Libav Finally Lands VDPAU Support For Accelerated HEVC Decoding
    While FFmpeg has offered hardware-accelerated HEVC decoding using NVIDIA's VDPAU API since last summer, this support for the FFmpeg-forked libav landed just today. In June was when FFmpeg added support to its libavcodec for handling HEVC/H.265 video decoding via NVIDIA's Video Decode and Presentation API for Unix interface. Around that same time, developer Philip Langdale who had done the FFmpeg patch, also submitted the patch for Libav for decoding HEVC content through VDPAU where supported.

Unixstickers, Linux goes to Washington, Why Linux?

  • Unixstickers sent me a package!
    There's an old, popular saying, beware geeks bearing gifts. But in this case, I was pleased to see an email in my inbox, from unixstickers.com, asking me if I was interested in reviewing their products. I said ye, and a quick few days later, there was a surprise courier-delivered envelope waiting for me in the post. Coincidentally - or not - the whole thing happened close enough to the 2015 end-of-the-year holidays to classify as poetic justice. On a slightly more serious note, Unixstickers is a company shipping T-shirts, hoodies, mugs, posters, pins, and stickers to UNIX and Linux aficionados worldwide. Having been identified one and acquired on the company's PR radar, I am now doing a first-of-a-kind Dedoimedo non-technical technical review of merchandise related to our favorite software. So not sure how it's gonna work out, but let's see.
  • Linux goes to Washington: How the White House/Linux Foundation collaboration will work
    No doubt by now you've heard about the Obama Administration's newly announced Cybersecurity National Action Plan (CNAP). You can read more about it on CIO.com here and here. But what you may not know is that the White House is actively working with the Linux and open source community for CNAP. In a blog post Jim Zemlin, the executive director of the Linux Foundation said, “In the proposal, the White House announced collaboration with The Linux Foundation’s Core Infrastructure Initiative (CII) to better secure Internet 'utilities' such as open-source software, protocols and standards.”
  • Why Linux?
    Linux may inspire you to think of coders hunched over their desks (that are littered with Mountain Dew cans) while looking at lines of codes, faintly lit by the yellow glow of old CRT monitors. Maybe Linux sounds like some kind of a wild cat and you have never heard the term before. Maybe you have use it every day. It is an operating system loved by a few and misrepresented to many.

RebeccaBlackOS 2016-02-08 Review. Why? Because it’s Friday.

These are the types of problems found in an independent distro build from scratch. I cannot understand how a system built on Debian could be this buggy and apparently have zero VM support which Debian comes with by default. I can take some solace in the fact that it was built by one person and that one person is a Rebecca Black fan but as far as a Linux Distribution is concerned there is not much here. Some could say “Well its not supposed to be taken as a serious Distribution.” True except it is listed and kept up with on DistroWatch therefor it should be held as a system ready distribution especially when it was not released as a beta or an RC. If this distribution is ever going to be considered a real platform it has a long way to go. I give it about as many thumbs down as the Rebecca Black Friday video. Read more

Android More Leftovers