Welcome to p2pnet.net - The original daily p2p and digital news site. Always First!
REGISTER | LOGIN
RIAA News
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
Reviews
Open Source
Mobiles
Advertising
Products
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Search: 
Search
 
Web P2PNET   
   Search: 
Search
Torrent Site Tracker
Teksavvy
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code

Vista security hole

p2pnet.net News:- Bill and the Boyz admit their latest money-spinner, Vista, has something of a free speech problem.

There’s a security hole on the voice recognition application.

“In order for the attack to be successful, the targeted system would need to have the speech recognition feature previously activated and configured,” says Adrian on the Microsoft Security Response Center blog.

“Additionally the system would need to have speakers and a microphone installed and turned on.”

Wouldn’t that have to be the case if you wanted to use the system?

Not only but also, “The exploit scenario would involve the speech recognition feature picking up commands through the microphone such as ‘copy’, ‘delete’, ’shutdown’, etc. and acting on them,” says the post, going on:

These commands would be coming from an audio file that is being played through the speakers. Of course this would be heard and the actions taken would be visible to the user if they were in front of the PC during the attempted exploitation. It is not possible through the use of voice commands to get the system to perform privileged functions such as creating a user without being prompted by UAC for Administrator credentials. The UAC prompt cannot be manipulated by voice commands by default. There are also additional barriers that would make an attack difficult including speaker and microphone placement, microphone feedback, and the clarity of the dictation.

Meanwhile, “While we are taking the reports seriously and investigating them accordingly I am confident in saying that there is little if any need to worry about the effects of this issue on your new Windows Vista installation,” Adrian promises.

Do they look like famous last words to you?

. Slashdot Slashdot it!

Also See:
blogIssue regarding Windows Vista Speech Recognition, January 31, 2007

Want to subscribe to p2pnet by email with Feedburner? Just click here.
rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php | | And use our own p2pnet newsfeeds for your site

If your Net access is blocked by government restrictions, try Psiphon from the Citizen Lab at the University of Toronto’s Munk Centre for International Studies. Go here for the official download, here for the p2pnet download, and here for details. And if you’re Chinese and you’re looking for a way to access independent Internet news sources, try Freegate, the DIT program written to help Chinese citizens circumvent web site blocking outside of China. Download it here.

This entry was posted on Thursday, February 1st, 2007 at 1:28 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 1805 times

« previous Tacky Turner ad campaign
Robert ‘Pirate’ Santangelo next »

One Response to “Vista security hole”

  1. Reader's Write Says:
    February 2nd, 2007 at 2:45 am

    Yes there is a problem but “no worries”. The usual runs that M$ will say it’s not a software problem, it’s a user problem.

    But tell me, why would anyone want to use a mic and speakers with vocal commands? After all, the computer only needs the mic to know the verbal commands and you only need the speakers to know it took it.

    Of course in the days of broadband, who in the world would have their computer on line 24 hours a day?

    Did M$ corner the market on Ostriches?

Leave a Reply

Please no spam, attacking others, trolling, posting off-topic. Thanks.

    Sponsored by