This exploit is so far into “why didn’t they see it coming” terrritory that I splorfed coffee all over my keyboard when my geekish roomate sent me the information. Here’s the news: Microsoft provided Vista with the ability to accept voice commands. This lets you tell the computer to open files, save files, delete files and all sorts of useful things. What they did not provide Vista with was the ability to tell which sounds are coming from the speakers and which sounds are coming from your mouth into the microphone. The result? If you play a sound file with Vista commands in it, Vista does what the sounds tell it to do. Even if the commands are to delete all your files and empty the trash to make sure you can’t get them back!
“I was shocked that sound playback could actually take the speech system out of sleep state and easily wake it. Websites can easily autoplay an MP3 file that wakes speech, delete your documents and empty the recycle bin. I’ve actually tested this and it works.“ George Ou, a normally Microsoft-friendly columnist on ZD Net (http://blogs.zdnet.com/Ou/?p=416), can’t quite understand how this happened, but he confirmed that it does work.
Where can this lead? Well, I certainly would not want to have the sound command input running while I surfed the internet. Any website could have an MP3 playing with the commands to do rude and annoying things to my computer. While reading e-mail? I’d hate to pop open an email and have it take over my computer until I could grab for the keyboard.
Here’s a scenario from the user “Rafterman” as a comment on George Ou’s column, where an innocent third party could bork your system: “Imagine using your speakers while Skyping a friend, and they’re running Speech Command too. All that’s needed is for them to say is “Delete My Photos”(or something to that extent) while talking to you, and you’ve instantly lost all your valuable photos. Granted this may sound like a bit of a stretch, but honestly Microsoft should have tested this scenario while developing Speech Command.”
The only safe way to have the voice control feature running would be with the speakers turned OFF. And why did I buy the fancy-schmancy expensive computer with the multi-media doo-dads if I’m not going to use them?
Why wasn’t this caught by any of the millions of beta testers? Most of them don’t think like the bad guys. All they wanted to do was make sure Vista worked with their software, or play with the new shiny toy, or use it for a few hours and write a favorable review and earn their salary. They weren’t looking for security holes: that’s the software architect’s job, that’s the programmer’s job, that’s not the beta tester’s job.
Excuse me while I go download the latest Linux distro … I feel safer with the penguin under the hood.
