Careless talk costs files

Ha! I missed this! This is wonderful. There’s a security hole in Vista for which I can’t really attach much blame to Microsoft – I don’t think I’d have thought of it either…

Vista has a speech recognition engine built in – apparently it’s not too bad, at least for telling your PC to execute simple commands like copying files, closing windows etc.

The security hole is that if you have the recognition switched on, and somebody sends you an audio file by email or IM, and you play it, the microphone will pick up the sound coming out of your speakers. If that sound happens to be speech with instructions to delete a file and empty the trash folder, your computer might well obey it!

Presumably this can also happen with a web page you might browse to… You know those annoying ones which have some animation playing audio and you can’t work out how to turn it off? Well, imagine that the audio says something along the lines of ‘Send a New mail message to All your contacts with Subject: I love this product….’

Enjoyed this post? Why not sign up to receive Status-Q in your inbox?

1 Comment

Hi there Quentin, Just found your blog and I think it’s great. I shall have to add a link to mine when I next update my site. I shall return to read more of your posts. Wishing you all the best and a Happy Chinese New Year – Golden pig. Michelle

Got Something To Say:

Your email address will not be published. Required fields are marked *

To create code blocks or other preformatted text, indent by four spaces:

    This will be displayed in a monospaced font. The first four 
    spaces will be stripped off, but all other whitespace
    will be preserved.
    
    Markdown is turned off in code blocks:
     [This is not a link](http://example.com)

To create not a block, but an inline code span, use backticks:

Here is some inline `code`.

For more help see http://daringfireball.net/projects/markdown/syntax

*

© Copyright Quentin Stafford-Fraser