Full Disclosure mailing list archives
Re: Vista Speech recognition
From: Sûnnet Beskerming <info () beskerming com>
Date: Sat, 3 Feb 2007 08:50:30 +1030
If you have to use a side channel attack to ensure that the microphone is on and the speakers are active (what ideal target environment will have them both enabled or even fitted? No, I don't believe healthcare will be one), why don't you just use that channel to launch the primary attack? While there is a real concern about this issue, that is all it is - a concern. I agree with Thierry that this is a low risk situation. It will be fun for pranking and the occasional exploit (hmm, it appears my drink holder has been replaced with a credit card slot on my computer), but will be harmless for most. It will be more fun to bind sound to system events, so that every time a dialogue box was presented the system helpfully shouts out 'Cancel'. Okay, so Microsoft's implementation of this feature could have been somewhat better, but it isn't really worth the hype and coverage that it has received to date. Carl Sûnnet Beskerming Pty. Ltd. Adelaide, Australia http://www.beskerming.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Vista Speech recognition Thierry Zoller (Feb 02)
- Re: Vista Speech recognition Valdis . Kletnieks (Feb 02)
- Re: Vista Speech recognition Sûnnet Beskerming (Feb 02)
- Re: Vista Speech recognition James Matthews (Feb 02)
- Re: Vista Speech recognition Valdis . Kletnieks (Feb 02)