Run for the hills, everybody, Windows Vista has been proven vulnerable to the hax0rs mere days after its release — Steve Ballmer should clearly just give up now and resign while he still has a bit of dignity left. Or not. The vulnerability in question is hardly a hack at all, at least of the traditional variety, instead this one relies on you turning up your speakers and leaving your microphone on. See, the new Windows Speech Recognition in Windows Vista has all sorts of new abilities, but unlike Mac OS speech recognition of yore, no keyword is required to make your computer start listening to what you have to say, meaning any stray word could be interpreted as a command by Windows if it has the right tone and is within Vista’s repertoire. Microsoft also hasn’t done anything to ensure speech recognition doesn’t listen to the sounds coming out of your computer via the speakers, all of which means that if you visit a malicious website with the speakers turned up and the mic turned on (and Speech Recognition loaded, of course) an audio file could wake SR, open Windows Explorer, delete the documents folder and then empty the recycle bin. Not exactly the most likely of occurrences, but certain security types are already up in arms, and Microsoft has confirmed the potential problem, but merely recommends users turn of their speakers and/or microphone, along with killing any apps trying to attack them with such verbage. Not the greatest vote of confidence, so perhaps we’ll be seeing a fix for this from Microsoft before too long.
Insomma, per intenderci, basta che uno lasci casse e microfono aperti e che vada su un sito che riproduca un file audio contenente una serie di istruzioni. A questo punto, l’audio uscito dalle casse rientra dal microfono, viene processato come una serie di comandi ed eseguito.
E Microsoft conferma.
Mi sa tanto di fake, ma è divertente…
My father heard about Vista coming on the news. Since he was interested in getting it, he asked me to obtain it and install it on his computer and he would give some cash in return. I told him I was going to do that, but instead I burned an Ubuntu CD and installed it.
Later, when he came home from work, I showed him his new “Vista” install, complete with the latest Office and Solitaire.
Well, it’s been a few days since that and now he says Bill Gates is better than Steve Jobs and brags about how OS X on my iMac is obsolete compared to Vista on his PC.
I will continue with the prank for some weeks, after which I’ll tell him the truth and give him back his money.