Dailydave mailing list archives
Re: Vista speach recognition
From: Curt Wilson <curtw () siu edu>
Date: Wed, 31 Jan 2007 11:16:01 -0600
I've not analyzed this issue but I wonder what it might take to feed some remotely hosted speech directly to the system as user-level commands, bypassing the need for the sound to emerge from speakers and be picked up by a microphone. I'd guess that higher access than a generic user would be required for such a trick to work, such as hooking the voice input routines (if attacker/pentester can do this, why bother with the clumsiness of such an attack), if it would work at all.

dan () geer org wrote:
"George Ou" writes:
-+-----------------
 | I just verified that TinyURL.com will give you a nice URL to an executable.
 |
 | Here's an example of a URL that opens a .EXE file.
 | http://tinyurl.com/3d588b
 |
 | Now imagine that this was actually a user-mode malicious payload that avoids
 | triggering UAC which contains ransomware. It's very easy to use Vista
 | speech command open IE7 and say "tinyURL.com/3d588b", "enter", "run". That
 | will actually download and launch your desired payload from any website and
 | TinyURL will make it easy to say. This is actually easier than my
 | successful document-deleting recycle bin emptying test because it's a
 | shorter script.
 |

Spectacular! So, for two or more machines that can hear each other, I can make one of them tell another to do something naughty or perhaps I can even use the air itself as a not-very-covert-but-you-know-what-I-mean channel for moving data. Plausible deniability never had it so good.

--dan

==========
The Oracle: Of course you have. Every time you've heard someone say they saw a ghost, or an angel. Every story you've ever heard about vampires, werewolves, or aliens is the system assimilating some program that's doing something they're not supposed to be doing.
Neo: Programs hacking programs...

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

--
Curt Wilson
IT Network Security Officer
Southern Illinois University Carbondale
618-453-6237
GnuPG key: http://www.infotech.siu.edu/security/curtw.pub.asc