Australian IT JOBS : Sydney IT jobs, UNIX jobs, Linux jobs, Java jobs, ASP jobs Linux.conf.au Linux.conf.au
Technology news and Jobs arrow Information Technology News arrow Hackers can speak to your Vista
Hackers can speak to your Vista PDF Print E-mail
Written by Stan Beer   
Friday, 02 February 2007
It appears that Microsoft's new operating system Windows Vista is too smart for its own good. A blogger has found that Vista's speech recognition system is good enough for hackers to issue security breaching commands using malicious sound files on rogue websites.

One of less touted features of Vista is its vastly improved speech recognition system, which allows users to issue commands using spoken words instead of via the keyboard. Naturally, the question arises as to whether hackers could exploit this feature by issuing recorded commands through a computer's speakers.

According to a ZDNet blogger, the answer is yes. George Ou reported that he played a sound file on his PC containing commands which Vista subsequently recognized and executed.

After getting wind of the report by Ou, Microsoft responded by pointing out that a computer would have to be equipped with speakers and have a microphone attached. In addition speech recognition would need to be enabled. Finally, the User Account Control (UAC) security feature of Vista would by default not allow administrator level privileges to be executed by voice.

However, these days many PC users communicate over their computers using Internet telephony programs such as Skype and thus have microphones and speakers permanently attached. In addition, many laptop PCs have built-in microphones and speakers. Also, it may seem strange to many users not to enable a key feature of Vista such as speech recognition.

Therefore, it would appear that on at least a significant proportion of PCs, the conditions may be right for a potential exploit to take place. As far as the UAC is concerned, some reviewers have tipped that there may be a fair proportion of users who may disable it because of the continual annoyance of having to tick query boxes.

The conditions for an attack to occur, therefore, may not be as rare as Microsoft indicates. However, the advice that users should turn off their speakers and microphones when they leave their PCs would appear to be sound (no pun intended).{moscomment}

Tags See All Tags


Stan Beer  Vista  Windows  microsoft 

Get stories like this delivered daily - FREE - subscribe now
When you subscribe get a 12 months license for LiveProject
Valued at $99 USD


LiveWire - Desktop alerts Download the FREE iTWire desktop alert widget LiveWire - Desktop alerts


Del.icio.us!
 
< Prev   Next >
JobsWire Technology Jobs in Sydney
Active Directory  Apache  Software Architect  C#  C++  Cisco  Citrix Cognos  Coldfusion  CRM  Crystal Reports  Software Development  ERP  HTML  IBM  IT Infrastructure  ITIL  J2EE  Java  LAN/WAN  Linux  Lotus Notes  MS Project  .NET  Oracle  SDLC  SQL  IT Support  IT Training  UAT  UML  Unix  XML
JobWire - IT Jobs
Contact , Register , Advertise with iTWire , Links , Register , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging
Industry Releases , Submit your release now , Start submitting to iTWire , How to post video