Microsoft (NASDAQ:MSFT) is claiming "no harm no foul" in a hackers dream scenario which has come to light. It seems Windows Vista may allow would-be evildoers to whisper sweet nothings in your computer's ear and subsequently shut it down and/or delete material. An article at Red Herring exposes an apparent voice recognition loophole in the new Windows Vista operating system. The claim is that it has been shown that a hacker can invade the system... for or with a song.
Microsoft has downplayed the glitch, claiming that it's a small problem and it has similarly been encountered before. If that attitude is intended to make consumers feel better about possible system breeches, I'm afraid that Microsoft has another thing coming. Perhaps MSFT hasn't heard that PC security tops the list of consumer concerns in the IT world. Perhaps I need to send them a scathing letter (place sinister chuckle here).
We need to also consider how this Vista voice recognition glitch may be exploited further down the road. In light of the heavy usage of P2P BitTorrent type technologies for music sharing and similar, what is the potential for nasty audio hacker attacks to become widespread and destructive? If Windows Vista can be manipulated by virtual attacks placed within or alongside a song then just how far can audio-borne hacking go?
Could the theme from the Wizard of Oz direct your computer to upload your bank account numbers? Could the Budweiser jingle destroy your digital image files? Could a Billy Joel ballad crash your hard drive? And Metallica, oh my gosh, what could their stuff instruct your Vista supported computer to do? One thing is for sure, Microsoft had better hit this thing hard and fast. To soft-sell this problem would be to play the fool. Microsoft has too much riding on Windows Vista to simply hope that this problem will somehow resolve itself or simply be ignored.
I just thought of something else also. We have witnessed the far-reaching affects of audio recordings before. What could be the possible outcome if someone got the bright idea to play a Beatles song backwards via Windows Vista? I almost shudder to think about it.
Will Rich Ross really have a positive impact on Disney's movie operations?
Consumers sick of recession, may spend extra on holidays
Corrections, seasonality and Santa Claus
Reader Comments (Page 1 of 1)
2-06-2007 @ 11:22PM
tony hicks said...
I am so sick of MSFT. I am tired of pop ups, viruses, freeze ups etc......with so many brilliant millionairs why cannot they make it work as good as a mac?
I have never owned a mac, but every mac owner i talk too loves em....my next computer (which will be this year) will be a mac....i will deal with finding software....it will be happy to surf freely without restarting a $1000 computer!!!!!
2-07-2007 @ 2:22AM
John said...
You should read this article:
http://www.guardian.co.uk/commentisfree/story/0,,2006031,00.html
Coming from a person who has worked in tech, I completely agree with this article.
In response to the blog post... gee, if you enable microphone... and turn your speakers on... and play a sound file recorded by a hacker... you may be vulnerable to a security break. In other news, I've heard that if I left all my doors and windows open I could be vulnerable to theives.
This "exploit" is nothing new, could be done on macs right now, could be done in windows xp. A little common sense is probably the best security.
Vista is so much more secure than xp. Everything is now compartmentalized - as in, if hackers break in through a loophole in your print and fax settings or something, they can ONLY mess with print and fax. With regard to Mac security - if you were a virus author, would you make a virus that affects 90% of worldwide computers, or would you make a virus for the other 10%? Just because there are less viruses out there for Mac does not mean Macs are more secure.
2-06-2007 @ 11:24PM
Curt said...
John, Your reply is a bit too polished. I bet reverse DNS of your from IP would be from .microsoft.com.
Without regard to this not being new news, why is still exploitable in Vista?
I too have low regard of MS's caring for their customers. "Genuine Advantage", come on MS, who do you really care about?
MS is just a ranting Digital Equipment ghost, going to the same end. Too bad no one's concerned with the user's stability.
curt
2-08-2007 @ 2:09AM
John said...
To Curt:
Just because my response was "polished" does not mean I work for MS, I merely spent the 2 extra minutes to think of a decent response to post 1.
Additionally, this is not really an "exploit". How would you recommend they fix it? The only way to stop this is to turn off voice recognition, which is entirely on the user side. How do you program voice rec. to recognize your voice, but not some hacker's? It's a "security hole" that is entirely on the user side, not the software side.
I also agree that MS sucks in terms of customer service. Like I said, I've worked in tech before, and know what a pain it is to activate everything, etc. But, it doesn't change the fact that I can't play most games on a Mac (without dual OS), and Macs are terrible in that they cannot be upgraded/customized (I don't mean adding a stick of ram) readily.
2-07-2007 @ 12:50PM
Laurence Gayao said...
I have been using both MAC and windows for years, I have had no problems with both of them, since I have use 1-2 gig of RAM and use firewalls and ativirus programs, keep updates and operating system maintainace regularly.