This is the first time I've read an AI-heavy piece and stayed engaged with it all the way through. I think the author's sharing the prompts was key to that experience.
Author here. I didn't realize folks had found this, LOL. As some have noted, yes, large chunks of this article were AI-written. Whether or not it's truly justifiable, I was busy enough that I saw it as the best way to complete the capstone writing on my experience. Again, I'm mildly surprised folks came across it!
In case you are interested in hearing a reader's opinion: the AI writing was noticeable and detracting. The most significant cues for me were the sensational tone and the prolific "clever" one-liners. I think that while it is difficult to make the judgment with any degree of accuracy based on a single suspicious sentence, but given the length of the article, all the individual cues eventually add up to a near certainty.
I think that the sorry thing about the article is that, even though I've read through an article of yours, I have learned nothing about what kind of person you are. I think that there's more to blogging than just showing the work. It's also a stage for you. The displays of character in the article ("I had a feeling", "I sat with that for a minute") written in first person are not actually yours, and are instead, in a way, a performance of the LLM that you used. So in my opinion (and you're free to disagree) you've robbed yourself of the attention you deserved.
However, I assume that the contents of the investigation were true, and if so, they are quite damning (in fact, my SO has just surprised me with a cheap Chinese projector. Nice timing!). It was also great that you've shared the prompts and results at each stage.
Like many people, I've always been vaguely suspicious of IoT devices like these. But I've never seen reverse engineered what it is they actually do. The conclusion goes way beyond my expectations and is rather chilling:
>My $35 projector wasn't just spying on me. It was selling my network. Anyone who paid Kookeey for proxy access could route their traffic through my IP
Best the FCC is going to do is a misguided blanket “China bad!” router ban because Elise Stefanik got a little lobbying birdie in her ear from a certain American drone manufacturer.
Back at my old job we would get regular text messages and emails from the Chinese government when a piece of software or plugin in our public web-stack had a new cve or malware…
100% governments needs to crack down on these manufacturers and basically say that if China does not stop this insanity then importing them in to the US or EU will become illegal since its a national and personal security risk.
Not going to happen. Governments are very complacent. The UK only recently banned Chinese IP CCTV cameras from sensitive government sites!
Its impossible to do with anything that gets updates. You never know what the next update will bring. Obviously things that connect to the internet and do not get updates are hopelessly insecure. its also pointless for anything controlled by an app through a server (anything from cars to fridges these days) as you cannot control what the server does.
Governments will also find excuses not to do this as its expensive and inflationary. They will play down the risk, point out the Americans can do it too, etc.
What I missed in analysis is that service sold isn't "selling your bandwidth to a highest bidder" - it's an universal binary delivery system, so if someone would pay more for eg. binary that explores your network and installs btc miner or password stealer on all unsecured devices, then that's what you'll get.
This would typically not be referred to as a "remote access trojan". It's just an updater, or perhaps a dropper if you want to make it sound more scary.
HN discussion: https://news.ycombinator.com/item?id=48165492