Now, why they have an 8051 hardwired to the USB bus that accepts arbitrary firmware uploads without even having to elevate beyond user permissions, I can only blame stupidity.
This is Boston (well, Cambridge, 'Greater Boston'.) The local security forces have a... less than glorious... history with bomb-related issues. The 9/11 planes took off from Logan, the Mooninite panic made fools of the PD, a couple of losers with essentially zero resources just hand-carried bombs right into the Boston Marathon crowds and walked away, with the cops bringing the entire area to a screeching halt as they bumbled their way toward capturing the less interesting suspect, after substantial delay, and are still embroiled in an unimpressive looking case (complete with an allegedly valuable person of interest who mysteriously had to be shot to death during interrogation...)
I would be shocked if the PD, FBI, and local DAs aren't licking their lips and smelling blood. They have their man, and bagged him quickly and efficiently, and his 'I made a bomb threat because exams!' position is sympathetic to absolutely no one. I Would. Not. Want. to be him right now.
... to use TOR, but then gave a full confession during an "interview", throwing his right to remain silent (and to have a lawyer present during questioning) out the window?
Outside of pessimists, paranoiacs, and people whose job description involves the word 'uptime', it's normal for someone engaged in 'problem solving' to stop thinking as soon as they find a solution.
In his case, he started thinking, came up with a multi-layer anonymity plan, and then apparently stopped. When it failed, he suddenly had FBI agents and no additional plan. (Also, basic script-kiddie attempts at hiding online and lying to experienced interrogators in person are two very, very different skills.)
What's more notable is that they apparently keep traffic logs for some amount of time, at least long enough to catch this guy, who knows how much longer?
If you have a network of any nontrivial size, and want to keep it from falling in a screaming heap (especially with the lousiness of wireless links in the mix), taking steps to ensure that most of the users are the ones you are supposed to be providing service to, and doing some QoS to keep them from stepping on each other's toes is basically necessary. Keeping traffic logs, though, is an additional chunk of effort and expense, and all so that people will be motivated to come bug you for access to them. I wonder when they started keeping logs, and why.
Do not do anything on a cellular phone that you would not do on a public computer in the library. Treat them as you would a public phone.
That should tell you everything you need to know about the "security".
You must be one of those 'optimists' I've read about. A public phone isn't strongly correlated with you, personally, nor does it provide much in the way of real time location data (aside from the 'well, he must have been in the phone booth when he made that call' data point). Plus, you can still get computers without cameras and microphones...
Traditionally, if you wanted to study bacteria, you'd take samples, haul them back to the lab, plate them out, try to grow them in culture, then do your tests. Trouble is, not all organisms grow under those conditions. With gene sequencing now cheap and fast, you can go the alternate route of just grabbing a sample, grinding it up, and sequencing everything. You lose the ability to trivially correlate a given gene with a given organism (unless you have prior knowledge that allows you to make an inference); but you get a very powerful 'snapshot' of what genes are present, and in what proportions, in the sample without the need to know how to separate and cultivate them.
It's an extremely powerful approach for hunting novel species, since basically anything with DNA will show up regardless of whether you know anything about its care and feeding or not, and you can then identify novel DNA sequences and start looking for their hosts. It's also suitable in this case, because they aren't really interested in the bacteria (it isn't news that drinking sewage is a bad plan); but in shifts in the gene distribution of the entire population, which is exactly what grinding it up and sequencing it will get you a look at.
FireEye tracked the infections to Android devices in Korea and noted that the attackers are logging into command-and-controls from Korea and mainland China, among other locations, to periodically read the stolen SMS messages. FireEye's research team discovered a total of 64 mobile botnet campaigns in the MisoSMS malware family and a command-and-control that comprises more than 450 unique malicious e-mail accounts."