Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Best. Vista. exploit. ever!

From: David Farber <dave () farber net>
Date: Fri, 9 Feb 2007 15:54:04 -0500


Begin forwarded message:

From: Dana Blankenhorn <dana () a-clue com>
Date: February 9, 2007 2:57:03 PM EST
To: dave () farber net
Subject: Re: [IP] Re: Best. Vista. exploit. ever!

This actually saddens me greatly.
Since I began working for Martin Bayne's assistive technology blog http://www.martinkennethbayne.typepad.com/ I have learned that Microsoft Vista has been eagerly awaited by the assistive technology community as a solution to the problems of blind and deaf users.
Because the assistive features, including screen reader support, are built into the OS, they will be easily accessible by all applications. And they're built into Office as well.
Sun has even built an ODF converter to the MS Office formats specifically so they can support the assistive community.
What this exploit does is destroy a lot of hope, for a lot of people. If it is so easy to wreck a computer by talking to it, who's going to want to support speech recognition, screen readers, and the other features blind and deaf people need? 

Dana Blankenhorn   dana () voic us
editor    www.voic.us
ZDNet Open Source blog  http://blogs.zdnet.com/open-source/
On 2/9/2007 2:31:01 PM, dave () farber net wrote:
> Begin forwarded message:
>
> From: Ross Stapleton-Gray <ross () stapleton-gray com>
> Date: February 9, 2007 2:04:24 PM EST
> To: dave () farber net, Ethan Ackerman <eackerma () u washington edu>
> Subject: Re: [IP] Best. Vista. exploit. ever!
>
> At 09:30 AM 2/9/2007, David Farber wrote:
> > The SANS blog has a nice summary of an innovative exploit in MS
> >
> Vista's speech recognition implementation - a malicious audio file can 
> > be used to give user-level control.  It does so not in the usual
> > buffer overflow or mileading header corruptions, but by actual voice 
> > recognition of spoken scripting commands.
>
> I'd
> like to nominate "Soupy Sales Attack" as an identifier for this
> exploit, evoking the
> comedian's famous stunt, where he asked kids
> watching his show to raid their parents'
> purses and wallets: http://
> www.snopes.com/radiotv/tv/soupy1.htm
>
> Ross
>
>
>
> ----
> Ross Stapleton-Gray, Ph.D.
> Stapleton-Gray & Associates, Inc.
> http://www.stapleton-gray.com
> http://www.sortingdoor.com
>
>
>
>
>
>
> -------------------------------------------
> Archives: http://archives.listbox.com/247/
> Powered by Listbox: http://www.listbox.com

-------------------------------------------
Archives: http://archives.listbox.com/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: