Vista’s speech recognition "flaw" a beat up

February 1, 2007
by John Pospisil

Is it just me or is the whole world getting a bit too sensitive about what constitutes a security flaw?  The online media is saying that the speech recognition vulnerability, discovered by Sebastian Krahmer and George Ou, is the first Vista security “flaw” to be discovered since Vista’s consumer launch earlier in the week.

Vista's speech recognition "flaw" a beat up

Vista speech recognition – security flaw or beat up?

Vista allows you to control your computer using speech, but as Sebestian and George discovered, it could also allow remote baddies to control your computer via prerecorded speech. Earlier versions of Windows featured less sophisticated speech recognition, and support for fewer commands, and so aren’t vulnerable to this kind of attack.

For bad guys to take advantage of this ”flaw”, you would have to visit a web site where an audio file would play and give your computer the instructions to delete your My Documents folder, for example.

In addition to visiting this malicious web site, you would also need your microphone switched on, your volume turned up, speech recognition enabled, and it would also help if you weren’t in the room after you loaded the naughty web page. A highly unlikely scenario.

I do grant that it’s an interesting story, and certainly an interesting Vista quirk, but calling it a security “flaw” is going a little too far.

Microsoft’s Security Response Center Blog has downplayed the problem, stating that: “While we are taking the reports seriously and investigating them accordingly I am confident in saying that there is little if any need to worry about the effects of this issue on your new Windows Vista installation.”

While I do enjoy Microsoft bashing (like any hack does), on this occasion I have to side with Microsoft, and say that the “security flaw” story is a beat up.

  • Print
  • Digg
  • Facebook
  • Twitter
  • Mixx
  • Reddit
  • StumbleUpon


Related Posts:

Posted in Internet, Security, Technology, Vista | 1 Comment » Read more from John Pospisil

One Response to “Vista’s speech recognition "flaw" a beat up”

  1. John:
    February 2nd, 2007

    Amen, people need to make better word choices to accurately describe non-events like these.

    It’s not a flaw or a vulnerability if the software is doing what it was designed to do, control by voice. Give me a break!

Leave a Reply:


Recent stories

Featured stories

RSS Windows news

RSS Mac news

RSS iPhone & Touch

RSS Mobile technology news

RSS Green tech

RSS Buying guides

RSS Gaming news

RSS Photography news

Copyright © 2010 Blorge.com