[LINK] Vista analogue security hole
Adam Todd
link at todd.inoz.com
Sun Feb 4 11:21:42 AEDT 2007
At 10:55 AM 4/02/2007, Rick Welykochy wrote:
>Jan Whitaker wrote:
>
>>This link includes a response from MS and a brief explanation of a
>>potential risk associated with the speech recognition capabilities in Vista.
>>http://blogs.zdnet.com/Ou/?p=418
>
>Ya gotta luagh.
>
>" Microsoft recommends customers take the following action to protect
> themselves from potential exploitation of the reported vulnerability:
>
> * A user can turn off their computer speakers and/or microphone.
> * If a user does run an audio file that attempts to execute commands
> on their system, they should close the Windows Media Player, turn
> off speech recognition and restart their computer."
>
>Not only does Vista *not* play CDs properly (from the Vista vs Linux
>article), now the users are being told to turn off their speakers.
The world would be much more peaceful if we didn't have to listen to
everyone else's background noise :)
>I wonder why turning off *speakers* limits the damage caused by speech
>recognition. Clue stick, anyone?
Ahh. Easy. Because the SPEAKER puts the sound into the Air, and the
Microphone picks it up and passes the sound to the speech rec engine.
Of course, some people might have their WAV and OUTPUT devices routed
directly to an INPUT device which points to the Speech Rec engine and so
turning the speakers off will do nothing. But that's rare. I appear to be
one of few people who do some kind of internal routing.
>LOL ... interesting that MS hasn't fix one basic problem with Winders: the
>system still must be rebooted whenever a change is made. Ya gotta laugh.
>Otherwise you'd cry.
I shake my head actually.
Although most times I don't have to reboot windows (XP or 2K) when I make
changes. I usually say NO or ignore the prompt till Windows naturally
starts to have problems then reboot.
More information about the Link
mailing list