Paul's Security Weekly (Audio)

Americans Can't Hack It - PSW #891

Sep 11, 2025
Dive into the world of cyber threats as the hosts explore the intricacies of vulnerability management and the alarming shortcomings of current security practices. Discover the risks associated with biometrics in cars and the latest trends in car theft technology. They share insights on running web servers on smartphones and discuss the implications of a major npm supply-chain compromise. From malicious copy-paste tactics to the impact of Bluetooth security tools, this conversation is packed with essential tech knowledge and cautionary tales.
ADVICE

Harden Your Car Key Fob Security

  • Disable passive entry and enable deadlock modes on cars that support them to reduce remote theft risk.
  • RF-protect key fobs at home but verify your shielding product actually works before relying on it.

INSIGHT

Image Libraries Are Long-Term Risk

  • Image-processing libraries like ImageMagick are high-risk because they ingest unstructured data and run complex parsers.
  • Vulnerabilities in such tooling often persist on embedded and IoT devices for years after disclosure.

ADVICE

Don't Abandon Secure Boot; Manage Your Keys

  • Keep Secure Boot enabled rather than disabling it because of fear-driven claims about vendor control.
  • If you distrust vendor keys, generate and manage your own Secure Boot keys and trust chain.