MacRumors

macrumors bot
Original poster
Apr 12, 2001
53,521
15,250


An Australian man has been fined AU$5,000 and given an 18-month "recognizance," after he was found guilty of extracting employee details from Apple's servers and posting them on Twitter.

appleaustralia.jpg

According to Bega District News, 24-year-old Abe Crannaford appeared in Eden Local Court on Wednesday for sentencing, after pleading guilty in February to two counts of unauthorized access or modification of restricted data.
In mid-2017 and early 2018, Crannaford extracted restricted information meant for employees only from the large US-based corporation.

The hacking culminated in January 2018 when Crannaford published employee details on his Twitter account and allegedly provided links to the corporation's firmware on GitHub.

The potential maximum sentence for the offences committed is two years' imprisonment and fines of $10,000 or more for each matter.
Magistrate Doug Dick fined him $5,000, however he did not impose a sentence on Crannaford, instead giving him an 18-month period of "recognizance," or good behavior, that if breached would result in an additional $5,000 penalty.
"It's pleasing to see you've made changes to you life and it's clear from the submissions that it has weighed heavily on your mind, which is punishment in itself.

"It may well be you're now subjected to online ridicule and contempt, but no-one in this court room escapes that - not even me," Magistrate Dick said.

"What you did strikes at the heart of modern society - people rightly worry about their privacy."
Ines Chiumento, Crannaford's defence solicitor, tried to argue that Apple "in some sense" promotes hacking, by awarding hackers through its bounty program for finding exploits and bugs.

"With that ability being treasured and sought out, it's difficult to send a message to young people (about the illegality and punitive measures) if the companies don't send the same message," said Chiumento.

The prosecutor acknowledged the existence of Apple's bounty program, but said Crannaford's "intrusions into websites and restricted data" occurred on multiple occasions and were shared with others, "so the concept of a bounty is contrary to his actions."

Article Link: Australian Hacker Avoids Jail After Posting Confidential Apple Employee Details on Twitter
 
Last edited:

[AUT] Thomas

macrumors 6502a
Mar 13, 2016
692
843
Graz [Austria]
The 3k fine (it's AUD... so much less) isn't the real punishment...
Finding a good job with non-ethical hacking committed will be the real challenge... good luck with that.
 

amartinez1660

macrumors 6502a
Sep 22, 2014
998
883
Are Australian courts a bit more lenient in general or... maybe the hacker had some dirt on the magistrate? :O
Hacker: “if you put me in jail, the world will see things that you wouldn’t want to be seen Mr. Magistrate”
[automerge]1591185236[/automerge]
50 typos in that post. Can’t take it seriously if you don’t bother to even auto spell check.
You don’t saif!
 
  • Haha
Reactions: Regbial and lyngo

2010mini

macrumors 601
Jun 19, 2013
4,584
4,638
Being an Australian I could have said with absolute certainty that this guy was never going to jail. You'd have to kill a few people to ever see inside a jail cell. And even then you'd get out early with good behaviour.

maybe we should do the same? Seems, per capita, you have less crime. Could be because your justice system is not as punitive. Think about it.... does a case like this really warrant jail time?
 
  • Like
Reactions: CarlJ

GeoStructural

macrumors 6502a
Oct 8, 2016
729
2,381
Colombia
The 3k fine (it's AUD... so much less) isn't the real punishment...
Finding a good job with non-ethical hacking committed will be the real challenge... good luck with that.

Actually I think this feat opens many doors for him. That shows the real skills and many companies look for people like that.

I don’t know if they still do it, but back in the day Google was famous for hiring hackers and guys like him.
 

tyranne201

macrumors regular
Apr 1, 2020
106
78
justice only works if you mess with big companies, not for poor or black people. amazing that they even considered a 2-year jail sentence for posting random stuff on the internet.

what also surprises me, is the fact that Apple did not lose actual money because of this, but he still got fined 5,000. There was no actual damage to the company. I don't agree with this sentence at all.
 
Last edited:

Appleman3546

macrumors 6502
May 13, 2019
317
610
The articles comparison on the prosecutor and judges takes on the bounty program is interesting, as hacking is promoted and thus encouraged, but sharing that information to others is not. Interesting that it was weighed to try to fit the crime
 

Rainshadow

macrumors 6502
Feb 16, 2017
347
779
maybe we should do the same? Seems, per capita, you have less crime. Could be because your justice system is not as punitive. Think about it.... does a case like this really warrant jail time?

Absolutely it could. And you would feel the same way too if someone posted your home address or Info about your kids schedules etc. That is dangerous information for the wrong people and once it’s there, it’s there.

We don’t know all the details, so maybe jail wasn’t warranted here (clearly the judge didn’t think so), but to say 5,000 aus is punitive enough.... I could see scenarios where it isn’t.

The problem with cash fines is that there are plenty of people who are good with money where $5,000 US dollars wouldn’t even be an inconvenience. Hopefully a judge could read that, but sometimes one day in jail is worse than $5000.

(And there are times $5000 is a death sentence for folks living paycheck to paycheck.)
 
  • Like
Reactions: CarlJ

m4mario

macrumors 6502
May 10, 2017
381
975
San Francisco Bay Area
Being an Australian I could have said with absolute certainty that this guy was never going to jail. You'd have to kill a few people to ever see inside a jail cell. And even then you'd get out early with good behaviour.
What about robbery, rape, child abuse... Things like that? How about kill only one person? how about that?
 

CarlJ

macrumors 603
Feb 23, 2004
5,405
9,418
San Diego, CA, USA
Ines Chiumento, Crannaford's defence solicitor, tried to argue that Apple "in some sense" promotes hacking, by awarding hackers through its bounty program for finding exploits and bugs.
Apple “in some sense” promotes hacking in the same way that they “in some sense” promote murder, since you could beat someone to death with a Magic Keyboard or strangle them with a Lightning cable.

You can sit at home all year doing local penetration testing against your iPhone and Mac, and nobody will care, and if you find a way in and tell Apple, they’ll pay you for the information. Trying to hack into any server you do not own is an entirely different matter altogether, and the two are very hard to mistake for each other. Except to people who have no understanding of technology. Which the solicitor hopes includes the judge.
 

CarlJ

macrumors 603
Feb 23, 2004
5,405
9,418
San Diego, CA, USA
maybe we should do the same? Seems, per capita, you have less crime. Could be because your justice system is not as punitive.
We don’t know all the details, so maybe jail wasn’t warranted here (clearly the judge didn’t think so), but to say 5,000 aus is punitive enough.... I could see scenarios where it isn’t.

The problem with cash fines is that there are plenty of people who are good with money where $5,000 US dollars wouldn’t even be an inconvenience.
I’ve read about some (European, I think) country where things like traffic tickets were scaled with either your net worth, or your yearly income, or some combination of the two (I don’t recall the details). The goal was to make a given punishment equally painful for any given citizen. So a poor person might get fined $100, and a very rich person might get fined $10,000, for the same offense. I’m kinda wondering if that might be a way to go. For a lot of different punishments in the justice system, that might make things more equal.

The goal, after all, (beyond any restitution for damage caused) is to cause deterrence by threatening a certain amount of discomfort. $100 can be a hardship to someone only making, say, $20k a year, while it’s lunch money to someone making $150k a year. Therefore a fixed fine, like $100, isn’t providing the same level of deterrence to these two hypothetical individuals.

Now, $100 is 0.5% of $20k. Let’s scale that for someone making $150k: 0.5% of that is $7,500. That’s... rather more than the cost of a fancy lunch. It’d be more of a deterrent. Would these two amounts provide equal deterrence? Probably not (but it’s a step in the right direction). You might have to add a sliding scale to take into account money left over after covering basic expenses - e.g. the $150k person makes 7.5x as much money but probably doesn’t eat 7.5x as much food as the $20k person, so maybe you subtract some cost of living allowance out of their yearly pay, and then make the fine be a (small) fraction of the remaining amount.

But, in any case, I think something like that might provide a more equal level of potential discomfort and thus a more equal level of deterrence.

The criminal justice system here in the US is screwed up in all sorts of ways, including outsourcing actual prisons in some cases - a huge problem with this is that once “prison” is a for-profit private enterprise, rather than a government institution, the people running it have the wrong motivation - it’s not “protect society and rehabilitate inmates where possible”, instead it’s “maximize profits by keeping more people incarcerated for longer, and minimizing the amount of money spent taking care of each inmate” - which are horrible goals for a prison, pretty much the opposite of what society needs.
 
Last edited:
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.