Vista Speech Recognition has Flaw
Techtree News Staff, Feb 02, 2007 1712 hrs IST
Reportedly, a flaw has been detected in Microsoft's Vista operating system that could allow remote attackers to take advantage of the speech recognition feature.
Reportedly, a flaw has been detected in Microsoft's Vista operating system that could allow remote attackers to take advantage of the new system's speech recognition feature.
Microsoft said that its researchers are investigating the reports of a vulnerability that could allow an attacker to use the speech recognition feature to run malicious programs on Vista systems using prerecorded verbal commands.
The company also said that the speech recognition flaw is novel and notable for being the first publicized flaw in the new operating system since the public launch of Vista earlier this week.
It is, however, learnt that the impact of the flaw is expected to be small. Vista users would need to have the speech recognition feature enabled and have a microphone and speakers connected to their system.
Successful attackers would need to be physically present at the machine, or figure out a way to trick the computer's owner to download and play an audio recording of the malicious commands. But even then, the commands would somehow have to be issued without attracting the attention of the computer's owner. And finally, attackers' commands are limited to the access rights of the logged-on user, which might prevent access to any administrative commands.
A Microsoft security researcher also pointed out that verbal commands could not be used for privileged functions such as creating a new user or formatting a drive. Besides, there are also additional barriers that would make an attack difficult including speaker and microphone replacement, microphone feedback, and the clarity of the dictation.
Microsoft has also recommended that users who are concerned about having their computer shout-hacked should either disable the speaker or microphone, turn off the speech recognition feature, or shut down Windows Media Player if they encounter a file that tries to execute voice commands on their system.
Meanwhile, customers who believe that they have been shout-hacked can contact Microsoft Product Support Services.
USER COMMENTS
I'm not sure everyone shares the need for innovation. Most of what I need to do with a computer, I did on my Timex-Sinclair - most of the advances end up being an opportunity to play. If I didn't have a computer to play on, I might go outdoors and lose some weight. Point being, whether change = improvement is relative to the user. Viewing an OS as a work in progress is a sensible view, if in fact Microsoft worked progressively. I saw this story about a Vista flaw a month ago: http://www.msnbc.msn.com/id/16548318/ The thing that got me was this quote: "The flaw affects older Windows systems, too, and Hypponen said vulnerabilities like these are quite common and can be fixed with a software patch, which Microsoft releases on the second Tuesday of each month except for the most serious threats." If it affects older systems (plural!), presumably it was already known? How did Microsoft manage to ship Vista without addressing threats from past versions of Windows? Accidents will happen, but Microsot coders seem to spend a lot of time wandering in traffic.
by Thomas Westgard, Chicago, on Feb 05, 2007 01:56 AM, Report abuse
.....shout-hacked......HAHAHAHAHAHAHA!!!
by meh, haa, on Feb 03, 2007 11:01 AM, Report abuse Reply
This is THE lamest attempt to report a flaw I have ever seen. I am not an MS or Apple pusher, they are both great products, I like them both for different reasons (and Linux too!) but seriously... So, the hacker has to be physically at the computer and somehow not attract the attention of its owner. I think the dude sitting on your lap might give this effort away. For all you Mac Fanboys out there, if this is a flaw, then all Macs...and pretty much ANY OS have basically the same flaw...if a hacker goes and is physically present at a Mac and tricks the owner into opening ANY program, like say Safari...and it opens! Then well, I guess the Mac is flawed. There's got to be a line of what people call certain things flaws when it should be the common sense of the person using the OS. I really like the hard drive swap comment below...that's a good one too. One more thing...if you "trick" the user into doing anything, the user is flawed and should be educated. What's the old saying, "Fool me once..."
by Mal, San Diego, on Feb 03, 2007 08:56 AM, Report abuse Reply
why is it that you just get used to one win operating system,the they go and change it again,give me win 98 any day
by haz, leeds, on Feb 03, 2007 05:23 AM, Report abuse Reply
So, it's taken you FIVE years to "finally" learn how to use Windows XP? What has you confused? The fact that they changed the START button into a picture of the Windows Logo? If that's far too much for you to comprehend, you can always change the Vista Theme and the Start button back to Classic Mode.
by Mal, San Diego, on Feb 03, 2007 08:37 AM, Report abuse
Who da thunk it!! Another Flawless O.S. brought to us by Brotha Bill. Glad I wasted my hard earned $ !! Thanks Bill !
by R. Grapes, Canal Fulton, on Feb 03, 2007 05:29 AM, Report abuse Reply
Thats the stupidist report I've ever seen. This is even worse than the hundreds of reports about how "no one seems to care about vista" how is it no one cares when every day the articles about it MAKE THE DAMN FRONT PAGE. This is not a "hack" (though I do like the phrase "shout-hacked", its like saying someone could hack your computer if they took out your hard drive, put in another hard drive with windows...put a password on your account and set it to log off after being idle for 30 min and your safe...shit this is like publishing an article saying that Vista has been hacked because you walked up to your friends computer and logged onto his account because he didn't put a password on it. My god...why publish this. I'm sure its going to be all over the news when I get home too...
by Ian, Austin, on Feb 03, 2007 02:10 AM, Report abuse Reply
Every time a Windows OS comes out, it has errors. Why can't they just fix them before they release it, instead of after you buy it? Long live the iMac!!
by Gary Montague, dallas, on Feb 02, 2007 05:50 PM, Report abuse Reply
Your comparison of the tow is flawed: Windows is an OS, iMac is a computer. I take it you don't dowload any of Apple's Security Updates to apply to your iMac?
by Alex, Verona, on Feb 02, 2007 08:06 PM, Report abuse
Ya Like the Mac does not have its problems... ever notice that OS 10 has 2x to 3x the patches then the previous versions of the OS? Not to mention that the level of integration between the OS and hardware on the MAC prevents the needed flexibility for many apps.
by SMan, Toledo, on Feb 02, 2007 10:17 PM, Report abuse
Easy fix to this. It is called Anti-VOX. We use it in amateur radio for hands free operation. The idea is you feed back some of the speaker audio to the input out of phase so you don't detect it!
by Bruce G, Plainview, on Feb 02, 2007 09:36 PM, Report abuse Reply
I have issues with MS like everyone else but this is ridiculous. IT IS LIKE SAYING THAT THERE IS A SECURITY FLAW IN THE COMPUTER MOUSE. IF SOMEONE COULD GAIN PHYSICAL ACCESS TO THE MOUSE, WITHOUT THE OWNER'S CONSENT, THE HACKER COULD THEN GAIN ACCESS TO THE SYSTEM. IN FACT, I THINK THIS MOUSE "HACK" WOULD BE EASIER THAN THE VOICE RECOGNITION "BACKDOOR" OUTLINE ABOVE BECAUSE YOU CAN PERFORM THIS MOUSE HACK WITHOUT TALKING AND CAUSING MORE ALARM ! Ha
by Troy Henley, Columbus, OH, on Feb 02, 2007 08:42 PM, Report abuse Reply
Give me a break, this is not a FLAW, but a clever use to existing technology. People aren't exploiting backdoors or writing code to break into computers, it's a voice control system responding to VOICE CONTROLS. It's like a universal remote working on your TV. Get a grip and choose a different word to more accurately describe this 'flaw'
by Mike, Chicago, on Feb 02, 2007 07:07 PM, Report abuse Reply
Come on guys. Its about high time that you stop depending on other TECH sites for these kind of news articles. I read this article on a very popular site about 2 days ago. And this isnt happening for the first time. Every day I come across atleast 4 to 5 articles which have been copied from the other site.
by Sam, Mumbai, on Feb 02, 2007 06:56 PM, Report abuse Reply
Simply press the tiny red button with the tip of a pen. Now, while holding the red button down, use your other hand to turn the green lever on the back of the unit. The lever is spring-loaded, so you'll need to hold it in place while you perform the next action. Using your teeth, open the lid by biting the front edge and lifting upward. Now, with your foot, push down on the main part of the unit. Once it's open, turn the entire unit upside-down (you'll need to lie on your back to do this--if you let go of the button or the lever, the lid will snap back into place) and shake the entire unit furiously. Your prize should drop out. If you have any problems with this simple procedure, please call technical support.
by Mark F., Seattle, on Feb 02, 2007 06:53 PM, Report abuse Reply
old new's boring, nothing we didnt no before, and pointless, just one more way to take a stap at MS. iff someone got attacked because of this flaw they should send the PC back to the store.
by mick, milwaukee, on Feb 02, 2007 06:18 PM, Report abuse Reply
You know I love how it is always Window's fault. I'm not saying Windows doesn't have its faults but come on! Are we going to claim that any computer than can accept voice commands is vulnerable? Because I believe speech recognition software has been around far longer than Vista. But this only gets pointed out because it's Windows.
by Adam, Rochester, on Feb 02, 2007 06:07 PM, Report abuse Reply
Old news....... The problem was there in RC2 also..... but not rectified till now ... but anyway thank techtree to highlite this, as it is not too late........
by subhadeep, Hyderabad, on Feb 02, 2007 06:01 PM, Report abuse Reply
Big deal man ... wonder if any of you have actually read through the advisory
by anonymouse, a, on Feb 02, 2007 05:56 PM, Report abuse Reply
VIEW ALL LATEST
Leaked: HTC's WiMAX enabled T8290
News > Gadgets , October 11, 2008 1151 hrs IST
A new model that looks like the HTC Touch HD with WiMAX capability ...
Cheap Holographic Storage To Come Home
News > Hardware , October 11, 2008 1107 hrs IST
Will hold from 300 GB to 1 TB ...
Windows 7 Will Refine UAC
News > Software , October 11, 2008 1003 hrs IST
Will cease annoying you as much ...
iPhone Gets Brian Eno's Music
News > Gadgets , October 10, 2008 1759 hrs IST
Bloom app brings soothing music to your ears ...
Quantum Cryptography-New Kid on the Security Block
News > Security , October 10, 2008 1750 hrs IST
New solution for the ultra paranoid ...
MOST REQUESTED REVIEWS
Microsoft NEWS
|
Windows 7 Will Refine UACWill cease annoying you as much |
|
New Xbox Experience due November 19thNew features including a new dashboard, avatars, game installs and more are... |
|
External Blu-ray player for Xbox 360?News | Consumer Electronics | 10 Oct 2008 Rumours point to 'coming soon' |
Microsoft REVIEWS
|
Too Human -- ReviewReviews | Games | Reviews | 16 Sep 2008 An experience Too Ordinary. Too Human offers little more than frustration -- at... |
|
Living with Office LiveReviews | Software | Office Suites | 20 Jul 2008 For those who love Microsoft Office and need a simple backup solution, you'll... |
|
Microsoft LifeCam VX-6000Reviews | Peripherals | Webcams | 11 Jun 2008 A cool tool to chat up with your friends, or is it? |
Microsoft USER REVIEWS
|
Mice Wireless Optical Mouse 5000Microsoft | Mice | Thu, 14 Jun 2007 Very Good Mouse Microsoft have produced, |
|
Web Cameras LifeCam VX-3000Microsoft | Web Cameras | Wed, 06 Dec 2006 Package included *LifeCam VX3000 camera *Sofware CD (LifeCam ver... |
Software NEWS
|
|
Windows 7 Will Refine UACWill cease annoying you as much |
|
Beat The PowerPoint Blues With ZuiPreziA new way to do presentations. Really. |
|
Operating Systems are Less Important: OperaA brief tete-a tete with Jon S. von Tetzchner - CEO, Opera. We talk Firefox,... |
Software REVIEWS
|
Software ExplorerReviews | Software | Productivity | 05 Oct 2008 Take a look at these software that you may find both interesting and helpful. |
|
Chrome Part II : PerformanceReviews | Software | Internet | 14 Sep 2008 Last time we took a look at what Chrome did, today we see just how much of an... |
|
Google Chrome: Bare EssentialsReviews | Software | Internet and Networking | 07 Sep 2008 A lot has been said about Google Chrome but let's see what it has to offer the... |
Software USER REVIEWS
|
Auslogics BoostSpeed 4software | Auslogics | Tue, 06 May 2008 A powerful and easy to use Windows optimization suite that really does its job... |
|
|
Morange Morangesoftware | Morange | Sat, 20 Oct 2007 great free or paid version |
|
|
tally 7.2 tally 7.2software | tally 7.2 | Wed, 02 Aug 2006 Basic accounting requirement of displaying balance after each transection... |
MOST POPULAR NEWS
|
Could A DVR Save Your Marriage?News | Consumer Electronics | 04 Sep 2008 ...Or should you stick to your shrink? |
|
Firefox Counters Chrome's Speed TestAccording to Mozilla's SunSpider test, Firefox 3.1 is 28% faster than Chrome on ... |
Also, without innovation, technology would never move forward. Whether the change is good or bad, things must change in order to find a better way. I am all up for innovation and the competitiveness of Microsoft vs Apple vs Linux...we are all reaping the benefits of their competition and innovations! Why stop at Win98? Why not just use Win3.1...or DOS even? Forget those, just use a Commodore 64. People think of Operating Systems as a "Finished Product". OSes are works in progress, and if people think of them that way, they may accept the changes easier, knowing there will be another major version a couple years later.
by Mal, San Diego, on Feb 03, 2007 09:10 AM, Report abuse Reply