Using a legitimate USB charger.
The GSM radio for 2G internet broadcast.
The built in battery for short term unplugged continued sniffing.
Trigger word SMS messages.
Live streaming web portal.
That is very, very cool. This is the kind of stealth monitoring device people just would never think to check and could easily be replaced without the user being any the wiser.
This is a beautiful example of a real hack superbly executed. Bravo.
Edit: Just realised this is the guy (or team?) behind EverCookie.
This case still gets me. Showing some text on MySpace is a "felony" charge?
> Felonies: Felonies are the most serious types of crimes... ...Felonies are usually crimes that are viewed severely by society, and include crimes such as murder, rape, burglary, kidnapping, or arson. However, felonies can also be punished in a range of ways so that the punishment matches the severity of the crime. - http://criminal.findlaw.com/criminal-law-basics/what-disting...
In the plus side, it demonstrates how serious the state perceives the threat of "weaponized" javascript and can be a legitimate defense if someone is ever pursued for using noscript-alikes.
Some states view these types of crimes as crimes of 'moral turpitude' and it doesn't matter if it is a felony or misdemeanor. It will definitely effect your ability to get a security clearance or job in the security space.
I can' imagine whoever wrote this ever having difficulties landing a job in the security space, unless the prospective employer is really dumb.
Then again, it has happened to me that I didn't have the security clearance necessary to check out the code I was working on from a repository (this caused me to make a second repository on the laptop I carried back and forth, which more than defeats the point - dumbly enough, they were fine with this).
Even if they received no jail time, that sentence still seems disproportionately harsh. Heck most drunk drivers receive a lighter sentence and they're endangering human life.
Using a legitimate USB charger. The GSM radio for 2G internet broadcast. The built in battery for short term unplugged continued sniffing. Trigger word SMS messages. Live streaming web portal.
That is very, very cool. This is the kind of stealth monitoring device people just would never think to check and could easily be replaced without the user being any the wiser.
This is a beautiful example of a real hack superbly executed. Bravo.
Edit: Just realised this is the guy (or team?) behind EverCookie.