You still need to worry about it being found in the pure software case - there's far higher odds of me seeing some suspicious traffic than a small custom bit of RF gear inside. If someone's taking the thing apart and sees your physical extra bits, odds are they're doing so to dump the firmware, just like this guy... if they're not doing that, they're not necessarily skilled enough to spot whatever modifications you may have planted either. It really depends on the target though I suppose. Of course, at the point you have physical access, all bets are off, they could swap chips on the board with identically labeled ones which serve different functions - replace the firmware and signing with their own, etc. An essentially undetectable hardware modification.
1) I doubt most people are monitoring their home LAN traffic at all, let alone to the degree that would let them detect something odd here. Even if they are, there are ways around it -- like simply compressing and storing the extra voice data and only sending it out when someone makes a legit request to their Echo. Certainly that's more data, but the access pattern would make it easier to hide.
2) This hack doesn't require any (lasting) physical modification to the Echo. You connect to the debug pads on the bottom, do some stuff, disconnect, and you're done. So there are no physical extra bits to find.
But yeah, my point here was exactly #2 -- physically there is nothing in your home that was not there before. In the case of a dedicated bug, that's something physical that the target of surveillance could find and know that someone is messing with them.
