Paul's Security Weekly (Audio) No FlipperZeros Allowed - PSW #908
Jan 8, 2026
They debate bans on Flipper Zero and Raspberry Pi at cons and how attendees might work around them. They cover pre-infected Android TV boxes spreading malware across local networks. Leaked PS5 boot keys and hardware exploits get attention. Dangerous counterfeit Haribo power banks and battery safety are investigated. Old Unix code fixes, KVM hardening, and a keystroke-lag insider detection story round out the show.
AI Snips
Flipper Zero Temptations In Dense Cities
- Paul recalled seeing a Flipper Zero at a mall and noted how dense urban areas make such devices more tempting to misuse.
- He warned that tampering with public infrastructure (e.g., elevator remotes) can create safety hazards and annoyance.
Leaked PS5 Boot Keys Enable Unpatchable Hacks
- Extraction of PS5 hardware-level boot ROM keys enables unsignable system-wide access that Sony cannot patch via software.
- Exploits chain emulator sandbox escapes with the leaked ROM keys to grant persistent control on existing consoles.
Treat Compliance As Measured Security
- Treat compliance as a measurable part of security and use it to verify controls actually operate as intended.
- Use compliance programs to help organizations reduce risk, not merely to tick boxes.


