Language Selection

English French German Italian Portuguese Spanish

AOL Worker Who Stole E-Mail List Sentenced

Filed under
Legal

A former America Online software engineer was sentenced Wednesday to a year and three months in prison for stealing 92 million screen names and e-mail addresses and selling them to spammers who sent out up to 7 billion unsolicited e-mails.

"I know I've done something very wrong," a soft-spoken and teary eyed Jason Smathers told U.S. District Judge Alvin Hellerstein.

The judge credited the 25-year-old former Harpers Ferry, W. Va., resident for his contrition and efforts to help the government before he pleaded guilty to conspiracy charges. A plea deal had called for a sentence of at least a year and a half in prison.

In a letter from Smathers to the court that was read partially into the record by Assistant U.S. Attorney David Siegal, Smathers tried to explain the crimes that AOL has said cost the company at least $400,000 and possibly millions of dollars.

"Cyberspace is a new and strange place," Siegal said Smathers wrote. "I was good at navigating in that frontier and I became an outlaw."

As the judge indicated he would be lenient toward Smathers, Siegal told Hellerstein that the public needs to learn from the case that the "Internet is not lawless."

"The public at large has an interest in making sure people respect the same values that apply in everyday life, on the Internet," Siegal said.

The judge imposed the reduced sentence of one year and three months, saying he recognized that Smathers cooperated fully with the government but did not have the kind of information that would have helped to build other criminal cases.

He said leniency was appropriate for "someone who tries hard to bare his soul but doesn't have the information the government needs."

In December, Hellerstein rejected the first attempt by Smathers to plead guilty, saying he was not convinced he had actually committed a crime. The judge accepted the plea in February, saying prosecutors had sufficiently explained why he had.

Smathers has admitted that he accepted $28,000 from someone who wanted to pitch an offshore gambling site to AOL customers, knowing that the list of screen names might make its way to others who would send e-mail solicitations.

The judge has recommended that Smathers be forced to pay $84,000 in restitution, triple what he earned. The imposition of restitution was delayed to give AOL a chance to prove the damages were much greater. The judge suggested the figure of at least $400,000 in damages was subjective.

Prosecutors said Smathers had engaged in the interstate transportation of stolen property and had violated a new federal CAN-SPAM law, short for Controlling the Assault of Non-Solicited Pornography and Marketing Act, which is meant to diminish unsolicited e-mail messages about everything from Viagra to mortgages.

In December, the judge said he had dropped his own AOL membership because he received too much spam.

America Online Inc., a wholly owned subsidiary of Time Warner Inc., has since launched a major assault on spam, significantly reducing unsolicited e-mails.

Smathers was fired by AOL last June. Authorities said he used another employee's access code to steal the list of AOL customers in 2003 from its headquarters in Dulles, Va.

Smathers allegedly sold the list to Sean Dunaway, of Las Vegas, who used it to send unwanted gambling advertisements to subscribers of AOL, the world's largest Internet provider. Charges are pending against Dunaway.

The stolen list of 92 million AOL addresses included multiple addresses used by each of AOL's estimated 30 million customers. It is believed to be still circulating among spammers.

The judge refused a Probation Department recommendation that Smathers be banned from his profession, saying he trusted Smathers had learned his lesson.

Associated Press

More in Tux Machines

Linux, Graphics, and Linux Foundation

today's howtos

Leftovers: OSS

  • Codesmith Students Garner National Praise for Open-Source Contributions
    Reactide is an Integrated Development Environment built for React, which intends to make React development easier for Software Engineers. The project has been widely praised, amassing over 6,000 stars on GitHub.
  • Airbnb’s new open source library lets you design with React and render to Sketch
    Today, Airbnb’s design team open sourced its internal library for writing React components that easily render directly to Sketch. Instead of trying to get Sketch to export to code, the Airbnb team spent its time on the opposite — putting the paintbrush in the hands of the engineer.
  • [Older] Telecoms copying cloud providers make beeline for open source, say analysts
    The supersonic growth of Amazon Web Services and other cloud providers in the past few years owes much to open-source communities that fed them cutting-edge tech free-of-charge. Now telecom is mimicking this strategy through involvement with the Linux Foundation, according to Scott Raynovich (@rayno) (pictured, right), guest host of theCUBE, SiliconANGLE Media’s mobile live streaming studio.
  • Get a Preview of Apache IoT Projects at Upcoming ApacheCon
    The countdown until ApacheCon North America has begun. The blockbuster event will be in Miami this year and runs May 16-18. The Apache community is made up of many niche communities and ApacheCon offers something for all of them. Here, Roman Shaposhnik, Director of Open Source, Pivotal Inc., who is heading the Apache IoT track at the ApacheCon conference, gave us a sneak peek of what the Apache Internet of Things community can look forward to at the event.
  • Free Webinar on Starting a Collaborative Open Source Project
  • Oracle draws curtains on OmniOS
    With its openly stated operational remit of ‘aggressive acquisitions’ (albeit positively aggressive), Oracle is (very) arguably a firm known for buying, swallowing, acquiring those companies it decides to consume.
  • Partners Healthcare, Persistent Systems to develop open-source platform
  • Libreboot Applies to Rejoin GNU
    Last week we reported that after reorganization, Libreboot was considering rejoining GNU and was seeking input from its community to determine the amount of support it had for such a move. From reading the comments posted both on our article on FOSS Force and on Libreboot’s website, it comes as no surprise that the project’s core members feel they have the necessary consesus to proceed. Last night, FOSS Force received an email — sent jointly to us and Phoronix — letting us know of the decision. Rather than repeat what’s already been written and said on the subject (for that, follow the first link above), we’re publishing a slightly edited version of the email, which will pretty much bring everyone up to date on the situation.

Security updates and no more patches from grsecurity (without a fee)

  • Security updates for Wednesday
  • GrSecurity Kernel Patches Will No Longer Be Free To The Public
    The GrSecurity initiative that hosts various out-of-tree patches to the mainline Linux kernel in order to enhance the security will no longer be available to non-paying users. GrSecurity has been around for the better part of two decades and going back to the 2.4 kernel days. In 2015 the stable GrSecurity patches became available to only commercial customers while the testing patches had still been public. That's now changing with all GrSecurity users needing to be customers.
  • Passing the Baton: FAQ
    This change is effective today, April 26th 2017. Public test patches have been removed from the download area. 4.9 was specifically chosen as the last public release as being the latest upstream LTS kernel will help ease the community transition.
  • grsecurity - Passing the Baton
    Anyone here use grsecurity and have any thoughts about this?