Paul's Security Weekly (Audio) With AI Nothing Is Safe - PSW #905
Dec 18, 2025
They dig into smart TV privacy, firmware and ad tracking concerns and whether cheap hardware spies on you. Network controls, Pi-hole and safer streaming alternatives are debated. There is a deep look at Linux process injection and privilege tricks. They explore local AI models automating exploit workflows and browser extensions that leak AI chats. IoT camera compromises and car modem attack surfaces round out the conversation.
AI Snips
Smart TVs Are Privacy Risks
- Smart TVs increasingly include adware and telemetry, and vendors monetize features by tracking viewing habits.
- Paul warns that vendor control over TV OSes threatens privacy and pushes users to isolate devices on the network.
Route Smart Device Traffic To Null
- Dump smart device traffic into a controlled sink like Pi-hole or null routes to reduce telemetry exposure.
- Deny device DHCP or use DNS filtering to prevent unwanted outbound connections from TVs and IoT devices.
Linux's Flexibility Aids Evasion
- Linux offers many primitives (e.g., seccomp filters) that attackers can abuse for stealthy process injection.
- Paul notes heterogeneous Linux environments make EDR coverage fragmentary and detection inconsistent.



