Hacker games, AI travel surveillance, and 25 years of IoT
Hacker games, AI travel surveillance, and 25 years of IoTDigest
This 400th episode features Dave Bittner, Carol Terrio, and Graham Cluelie discussing several cybersecurity topics. The episode begins with a debate on Elon Musk's purported high-level gaming skills in Path of Exile 2, questioning the authenticity of his claims. A significant data breach in Path of Exile 2 is then analyzed, highlighting the lack of proper security measures and data logging. The podcast delves into an article from Wired about predictive travel surveillance using AI, raising concerns about bias and lack of transparency. The hosts also discuss the 25th anniversary of the Internet of Things (IoT) and the introduction of the US Cyber Trust Mark, a voluntary cybersecurity label for IoT devices, questioning its effectiveness. Finally, a review of CES 2025 highlights the "worst in show" awards for smart devices, focusing on cybersecurity vulnerabilities, environmental impact, and privacy concerns. The episode concludes with the hosts sharing their "Pick of the Week."
Outlines
Episode Introduction & Gaming Controversy
Introduction of the 400th episode and discussion of Elon Musk's disputed gaming achievements in Path of Exile 2, alongside the game's popularity.
Path of Exile 2 Data Breach & Security Concerns
Analysis of a significant data breach in Path of Exile 2, highlighting the compromised admin account, password resets, and the lack of adequate security measures.
AI-Driven Travel Surveillance & Ethical Concerns
Discussion of an article on predictive travel surveillance using AI, focusing on concerns about bias, lack of transparency, and the potential displacement of human oversight.
IoT's 25th Anniversary & Cybersecurity Labeling
Discussion of the 25th anniversary of the term "Internet of Things" (IoT) and the introduction of the US Cyber Trust Mark, along with its limitations.
CES 2025 Review & Smart Device Vulnerabilities
Review of CES 2025, highlighting "worst in show" awards for smart devices due to cybersecurity vulnerabilities, environmental impact, repairability, and privacy concerns.
Pick of the Week
The hosts share their "Pick of the Week," including a documentary and a critique of Apple News.
Keywords
Path of Exile 2
Action role-playing game; data breach due to compromised admin account; insufficient security measures.
Predictive Travel Surveillance
AI-driven systems analyzing travel data; concerns about bias, transparency, and potential for false positives.
Internet of Things (IoT)
Network of physical objects; 25th anniversary; security and privacy risks.
Elon Musk
Billionaire entrepreneur; questionable gaming claims; lack of accountability.
US Cyber Trust Mark
Voluntary cybersecurity label for IoT devices; limited effectiveness.
Data Breach
Security incident resulting in unauthorized access to sensitive information.
AI Bias
Unfair or discriminatory outcomes produced by AI systems.
Cybersecurity
Protection of computer systems and networks from theft or damage.
Privacy Concerns
Issues related to the collection, use, and protection of personal information.
Smart Devices
Internet-connected devices with embedded sensors and software.
Q&A
What are the key security concerns surrounding the increasing use of AI in travel surveillance?
AI-driven systems may amplify existing biases, leading to unfair targeting. Lack of transparency raises concerns about accountability and potential misuse.
What lessons can be learned from the Path of Exile 2 data breach?
The breach highlights the importance of robust security measures, including strong passwords, two-factor authentication, and proper data logging. Regular security audits and updates are crucial.
What are the benefits and drawbacks of the Internet of Things (IoT)?
IoT offers benefits in various sectors. However, it also presents significant security and privacy risks due to weak security, default passwords, and the collection of sensitive data.
Why is Elon Musk's gaming behavior relevant to a cybersecurity podcast?
Musk's actions highlight the potential for abuse of resources and lack of accountability among powerful individuals. His claims raise questions about verifying information and the potential for deception.
What is the significance of the US Cyber Trust Mark for IoT devices?
The voluntary nature of the mark raises concerns about its effectiveness. Mandatory standards are needed to ensure the security and privacy of IoT devices.
Show Notes
The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games?
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Player of Games - Grimes.
- ‘Path of Exile 2’ Players Call Bulls**t on Elon Musk’s Video Game Stream - Gizmodo.
- Elon Musk "Playing" Path of Exile 2 - YouTube.
- Elon Musk is Lying About Being Good at Video Games - YouTube.
- Elon Musk Streams His ”Totally Not Boosted” ‘Path of Exile 2’ Character, Proves He Has No Idea What He’s Doing - Vice.
- Hacker Broke into ‘Path of Exile 2’ Admin Account, Hijacked Wave of Characters - 404 Media.
- Inside the Black Box of Predictive Travel Surveillance - WIRED.
- Average Number of Smart Devices in a Home 2025 - Consumer Affairs.
- Global IoT and non-IoT connections 2010-2025 - Statista.
- U.S. Cyber Trust Mark: New Label for IoT Devices - National Law Review.
- How the Internet of Things will be good for the planet - Thales Group.
- The ‘Worst in Show’ CES products put your data at risk and cause waste, privacy advocates say - AP News.
- The CES worst in show awards lampoon AI everthing - The Register.
- The Worst Devices of CES 2025!! - YouTube.
- This Could Be Your AI Robot Girlfriend - For $175,000 - Forbes.
- Pick of the week! archive - Smashing Security.
- Elton John: Never too late - Disney Plus.
- Apple News.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- 1Password Extended Access Management – Secure every sign-in for every app on every device.
- Tripwire Enterprise - Set up a demo of Tripwire Enterprise to see how you can simultaneously harden your systems and automate compliance.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Privacy & Opt-Out: https://redcircle.com/privacy
Table of contents
United States
