Using voice commands to take over your computer

Depending on who you ask, it might be an "exploit"...it might not. Speech recognition, that is.

It seems that computers with speech recognition capabilities are susceptible to accepting spoken commands. This has apparently been confirmed by Microsoft in relation to their new operating system, Vista.

Vista will accept spoken commands and execute them. What this means, is that a webpage, such as MySpace or a malicious computer program could play sounds that will interact with the speech recognition program, and initiate malicious activity on your computer, such as file deletions, etc.

Such a sound wave file would slip right by anti-virus software.

To be sure, there are a number of issues that need to be worked out...not the least of which is getting the commands to play when you are not at your computer to stop the process. But do not worry...it will not be long, before the bad guys figure out a way to do so...

One example...taken from the MySpace model...would be to play a typical wave file that has music for the first few minutes and then silence for 40 or 50 minutes, at which time the audio commands would begin to play.

Guess this could mean the end of the "open mike."

Another link related to this topic.


No comments: