Shared Security Podcast

In this episode, Tom Eston and co-host Scott Wright discuss research showing that Tire Pressure Monitoring Systems (TPMS) can create privacy risks because the sensors broadcast unencrypted, uniquely identifying wireless signals that could be used to track vehicles. They reference a 10-week study by researchers at IMDEA in Madrid that collected about 6 million signals from over 20,000 cars at roughly 50 meters range, noting the signals can reveal details like tire pressure, car type, weight, and possible driving patterns, and can be captured with about $100 of equipment. The hosts explain TPMS is a safety feature required on 2008+ cars, consider realistic threat models and potential mitigations like rotating identifiers or encryption. ** Links mentioned on the show ** Your Tire Sensors Could Be Used to Hack Your Car. What to Look Out For https://www.cnet.com/roadshow/news/hacker-threat-hiding-in-car-tire-pressure-system/ Your car’s tire sensors could be used to track you https://networks.imdea.org/your-cars-tire-sensors-could-be-used-to-track-you/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The Hidden Tracking Risk Inside Your Tires appeared first on Shared Security Podcast.

Tom Eston interviews offensive AI researcher and PhD candidate Andrew Wilson, a former Bishop Fox partner who helped grow the firm from under 20 people to nearly 500, built award-winning AI solutions for SOC modernization, founded Cactus Con, and relocated his family to Guadalajara to open and scale a Bishop Fox office. They discuss Mexico’s growing cybersecurity and AI ecosystem, driven by talent, community events, and government-university partnerships, and how offensive security has shifted from “one-person army” generalists to more specialized roles. Wilson explains his PhD work modeling expert pen testers’ cognitive approaches to shape AI agents, argues AI lowers barriers but requires validation due to hallucinations, and predicts routine, methodology-driven testing will be automated while expert human work persists. He forecasts compliance and audit frameworks will eventually accept more objective, scalable AI-based control validation, reshaping the pen testing market. If you work in cybersecurity, involved in penetration testing and offensive security, or are just trying to figure out what the AI hype actually means for attackers and defenders, this episode is for you! ** Links mentioned on the show ** Follow and connect with Andrew Wilson https://www.linkedin.com/in/awilsonaz/ https://x.com/kuzushi/ Find out more about CactusCon! https://www.cactuscon.com/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The Real State of Offensive Security: AI, Penetration Testing & The Road Ahead with Andrew Wilson appeared first on Shared Security Podcast.

This episode discusses Meta Ray-Ban Smart Glasses, which blend a camera, microphone, AI features, and social media integration into sunglasses that look like normal fashion eyewear, raising major privacy concerns. It highlights reports that footage captured by the glasses may be reviewed by human contractors to help train Meta’s AI systems, and notes critics’ concerns about how easily people can be recorded in public without their knowledge. Although the glasses include a small LED indicator when recording, many people reportedly don’t notice it. ** Links mentioned on the show ** People Are Calling Meta Ray-Bans “Pervert Glasses” https://futurism.com/future-society/meta-ray-ban-smart-pervert-glasses Meta Employees Are Seeing R-Rated Footage From Its Users’ AI Glasses https://www.inc.com/ava-levinson/meta-employees-are-seeing-r-rated-footage-footage-from-its-users-ai-glasses/91311763 Think Twice Before Buying or Using Meta’s Ray-Bans https://www.eff.org/deeplinks/2026/03/think-twice-buying-or-using-metas-ray-bans ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post The Privacy Problem With Meta’s Ray-Ban Smart Glasses appeared first on Shared Security Podcast.

In a move that bucks the entire industry trend, TikTok has confirmed it will not implement end-to-end encryption (E2EE) for direct messages on its platform — arguing that E2EE would make users less safe. We break down what’s really going on: the child safety argument, the privacy counterargument, the geopolitical questions surrounding ByteDance, and what it all means for TikTok’s 1 billion+ users. If you use TikTok, this episode is essential listening. ** Links mentioned on the show ** TikTok won’t protect DMs with controversial privacy tech, saying it would put users at risk https://www.bbc.com/news/articles/cly2m5e5ke4o ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel’s membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post TikTok Says No to End-to-End Encryption: Here’s Why That’s a Big Deal appeared first on Shared Security Podcast.

Anthropic’s Claude Code Security research preview promises AI-powered code analysis and vulnerability detection at scale. The announcement triggered strong reactions across the cybersecurity community and sent several vendor stocks lower. In this episode, we break down what the tool actually does, where it fits in modern AppSec, and whether AI automation threatens traditional security products or simply makes teams more efficient. Expect a practical, no-hype conversation about what changes and what doesn’t. ** Links mentioned on the show ** Anthropic’s New Claude AI Security Tool Wipes Out Over $15 Billion From Cybersecurity Stocks https://www.linkedin.com/pulse/anthropics-new-claude-ai-security-tool-wipes-out-17jje/ Making frontier cybersecurity capabilities available to defenders https://www.anthropic.com/news/claude-code-security ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Claude Code Security: The AI Shockwave Hitting Cybersecurity appeared first on Shared Security Podcast.

TikTok has shifted to a majority-American entity, TikTok USDS Joint Venture, LLC, to comply with U.S. national security requirements and avoid a ban. This week we discuss why a recent privacy policy update went viral—especially language about sensitive data like immigration status and precise location—and argue much of it reflects longstanding practices and required California privacy disclosures. We emphasize reading policies, understanding your threat model, and making your own decision about using TikTok or other social platforms. The episode also briefly mentions Ring ending its partnership with Flock and a rumored internal email about expanding Ring’s “search party” feature. ** Links mentioned on the show ** TikTok users freak out over app’s ‘immigration status’ collection — here’s what it means https://tech.yahoo.com/social-media/articles/tiktok-users-freak-over-app-043402475.html Here’s what you should know about the US TikTok deal https://techcrunch.com/2026/01/23/heres-whats-you-should-know-about-the-us-tiktok-deal/ TikTok’s Privacy Policy https://www.tiktok.com/legal/page/us/privacy-policy/en ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post TikTok’s New U.S. Deal and Privacy Policy: What Users Don’t Understand appeared first on Shared Security Podcast.

In this episode, we discuss two major tech stories impacting privacy and security. First, we analyze Ring’s new AI-powered ‘Search Party’ feature and its controversial Super Bowl ad that sparked privacy concerns. We then transition to a breaking story about a zero-click remote code execution flaw in the Claude Desktop, highlighting the potential risks of AI. The hosts also reflect on their most popular YouTube episode on why Gen Z is ditching smartphones. ** Links mentioned on the show ** How to disable Search Party on your Ring Camera Open the Ring app, tap the hamburger menu, then choose “Control Center.” Here, choose “Search Party,” then choose the “blue Pet icon” next to each of your cameras for “Search for Lost Pets.” Ring’s ‘Search Party’ Feature Is Creepy, but You Can Disable It https://lifehacker.com/tech/how-to-disable-rings-search-party-feature ‘Dystopian’ Super Bowl Ad for Ring Camera Gets Bipartisan Blowback: ‘Propaganda for Mass Surveillance’ https://www.yahoo.com/news/articles/dystopian-super-bowl-ad-ring-170548614.html Claude Desktop Extensions Zero-Click RCE Flaw Exposes Over 10,000 Users to Silent Attacks https://cyberpress.org/claude-desktop-extensions-zero-click-rce-flaw/ ** Watch this episode on YouTube ** https://youtu.be/QBhYDtbPkeE ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Ring’s Search Party ‘Dystopia’ Debate & Claude Zero-Click RCE Vulnerability appeared first on Shared Security Podcast.

Autonomous AI assistants are hitting the mainstream — but at what cost? This week, we discuss the recent OpenClaw phenomenon (formerly Clawdbot/Moltbot), the security fiasco surrounding Moltbook’s exposed database, and the quirky yet concerning AI agent dating platform MoltMatch. We explore the privacy and cybersecurity implications of entrusting AI agents with sensitive access and how defenders should think about emerging agentic risks. ** Links mentioned on the show ** OpenClaw (a.k.a. Moltbot) is everywhere all at once, and a disaster waiting to happen https://garymarcus.substack.com/p/openclaw-aka-moltbot-is-everywhere Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site https://www.404media.co/exposed-moltbook-database-let-anyone-take-control-of-any-ai-agent-on-the-site/ https://www.moltbook.com/ MoltMatch is a dating platform for AI agents. No, we are not kidding https://moltmatch.com/ https://www.msn.com/en-ca/money/news/moltmatch-is-a-dating-platform-for-ai-agents-no-we-are-not-kidding/ar-AA1Vutk7 ** Watch this episode on YouTube ** https://youtu.be/GPVbWqLf7fw ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post OpenClaw & Moltbook: AI Agents and Cybersecurity Risks appeared first on Shared Security Podcast.

Younger generations are increasingly ditching smartphones in favor of “dumbphones”—simpler devices with fewer apps, fewer distractions, and less tracking. But what happens when you step away from a device that now functions as your wallet, your memory, and your security key? In this episode, Tom and Scott explore the dumbphone movement through a privacy and cybersecurity lens. Drawing from a recent Wired article, the conversation digs into digital burnout, surveillance capitalism, multi-factor authentication dependencies, and whether opting out of smartphones is an act of digital self-defense—or a step toward digital disadvantage. ** Links mentioned on the show ** Dumbphone Owners Have Lost Their Minds https://www.wired.com/story/dumbphone-owners-have-literally-lost-their-minds/ Previous Shared Security episode from 2022 about the rise of dumbphones https://sharedsecurity.net/2022/04/18/dumbphone-sales-are-soaring-john-oliver-blackmails-congress-cicada-chinese-apt-group/ ** Watch this episode on YouTube ** ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post Why Gen Z is Ditching Smartphones for Dumbphones appeared first on Shared Security Podcast.

In this episode, we explore the latest changes to AirDrop in iOS 26.2 and how they enhance privacy and security. Learn about the new 10-minute limitation on the ‘Everyone’ setting and the introduction of AirDrop codes for safer file sharing with non-contacts. We also discuss best practices for configuring your AirDrop settings to safeguard your privacy, including tips for high-risk individuals and general recommendations for everyday use. Stay informed and keep your device secure by updating to the latest iOS version and regularly reviewing your AirDrop settings. ** Links mentioned on the show ** iOS 26.2 adds an AirDrop security tool that you shouldn’t ignore on your iPhone https://www.digitaltrends.com/phones/ios-26-2-adds-an-airdrop-security-tool-that-you-shouldnt-ignore-on-your-iphone/ ** Watch this episode on YouTube ** https://youtu.be/roBhU2AvuTs ** Become a Shared Security Supporter ** Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today! https://patreon.com/SharedSecurity ** Thank you to our sponsors! ** SLNT Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”. Click Armor To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity ** Subscribe and follow the podcast ** Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social Follow us on Mastodon: https://infosec.exchange/@sharedsecurity Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/ Visit our website: https://sharedsecurity.net Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe Leave us a rating and review: https://ratethispodcast.com/sharedsecurity Contact us: https://sharedsecurity.net/contact The post AirDrop Security in iOS 26.2: Time Limits, Codes & Privacy Best Practices appeared first on Shared Security Podcast.