theft

Phishing Part 1: Password Sunset (November 2007, Flash, loop)
Concept: My aim at the outset was to collect the passwords of fellow students and present them as a series of small literary texts.

Execution: Via a PHP script, I sent emails appearing to come from facebook.com, informing the user that a friend had written on his or her wall. These emails actually linked to my own host, where I set up what appeared to be the Facebook login page but in fact, upon clicking "Login," brought up a cheerfully terrifying Flash animation incorporating the user's password. None of the email addresses corresponding with passwords were saved, so I still don't know whom they belong to.

Here is the spoofed Facebook login page:

Password Sunset Login (November 2007, PHP) (external link)

And here are the results I ended up with:

brittany
h0ttr0us3r$
speedy
aubergine
steveeditor
goodtimes
changeling
TGUdGUc
ma062cnb50
haydood
1qazxcvfr432wsde

Phishing Part 2: hottr0us3r$ (November 2007, Quicktime, 3:47, 31.2 MB)
Concept: Replacement of the flag atop the Penn English Department building with one bearing a stolen password.

Execution: I printed the password "hottr0us3r$" on a flag with the aid of some friends, entered Fisher-Bennett Hall in the middle of the night, gained access to the roof, and replaced the "Penn Arts and Sciences" flag on top of the building with my own. The "h0ttr0us3r$" flag flew for two days before it was taken down. This video documents the flag replacement process.

The above is an embedded Flash video. Mouseover for video controls.

Rodney Graham Wikipedia Modification (February 2006, captured January 2008, PNG, 1.2 MB)
Concept: Making a woman of Rodney Graham.

Execution: I changed every pronoun in the existing article from male to female, then significantly expanded it with texts previously written by classmates. The resulting article remained unaltered for five days.

The article's talk page following modification (February 2006, captured January 2008, PNG, 892 KB):