I recently argued ' Why Goatse was right to disclose iPad data leak ' after it came to light that the FBI had started an investigation into the hacker group following the responsible disclosure of an iPad data leak caused by poor AT&T security measures. I said "The security researchers which discovered the vulnerability ensured that AT&T were not only informed, but that it had also closed the hole down, before going public with the news. So why are they, and not the dumbass security folk at AT&T responsible for not securing that data in the first place, the ones under investigation by the FBI?" at the time, and now it seems an arrest has been made.

However, it looks like I might have been right about Goatse doing nothing wrong legally, despite what others argue, as that arrest had absolutely nothing to do with the iPad data leak at all. In fact it appears to have been on drugs charges. According to reports Andrew Auernheimer, aka 'Weev' and 'Escher' from the Goatse group, was arrested on four felony and one misdemeanor charges "involving possession of a controlled substance" on Tuesday. The Register claims that police "allegedly discovered cocaine, ecstasy and LSD during a search of his home".

There's no denying that, if the charges stick, Mr Auernheimer has broken the law by possessing these controlled substances. However, it does seem a little #### about face that the drugs discovery was only made after the FBI got involved and his house was searched in connection with disclosing a potentially serious security lapse in the first place. More so when there is a great deal of speculation that the investigation was instigated at the request of AT&T, the very people responsible for the cack security measures which allowed that iPad data vulnerability to exist in the first place.

As one reporter puts it "AT&T’s security malfeasance exposed the private user details of over a hundred thousand customers, and are now busy hunting down and vilifying the benign group of security activists who alerted them to the problem before less well-meaning hacker groups could exploit the data".