Vista Speech Recognition Flaw

Jimmy 2004 · Feb 2, 2007

Three days after being released, the first major flaw has been published for Windows Vista. For anyone with speech recognition enabled, malicious websites or audio files could potentially give commands to hijack the PC and tell it to delete files. It works by playing commands such as shutdown, copy or delete through the speakers which could then be picked up by the microphone, causing the computer to carry out certain tasks. Microsoft admits that the exploit is "technically possible" but doesn't see it as a major problem. This flaw is more down to new features than problems with the coding of Vista, and it shouldn't be a problem for most people.

View at TechPowerUp Main Site

EviLZeD · Feb 2, 2007

hehe vista is so stable and bug free

EastCoasthandle · Feb 2, 2007

This makes using AIM, yahoo messenger, etc a cautious thing indeed when speech recognition is enabled. Using the mic feature in these online chatting programs can re-create this very problem.

For example, you decide you want to use the mic feature instead of text messaging and you say:

Delete C.....

opposing user's response when balloon pops up on screen = :wtf:

"how did you do that?"

......YES, continue

opposing user's response = :twitch:

"wait, stop that!"
[user disconnected]

Wash, rinse, repeat.

bhaskar15 · Feb 2, 2007

hmm,this flaw isn't a risk for me. I mostly never use speech recognition while online.

Deleted member 24505 · Feb 2, 2007

i wont use speech anyway.and anyone remember how many bugs xp had at first?

i'm using it as my primary os now too.it seems ok to me.

Benpi · Feb 2, 2007

LoL, this isn't a hack. So basically if someone puts an audio clip on their website that says "Open My Docuoments, Delete, Empty Recycle Bin" and your speakers are loud enough to be picked up by a mic, and you happen to have voice recognition on, you'll lose your documents folder...... people just try to find things to write stories about. This is retarded.

lemonadesoda · Feb 2, 2007

This is hilarious! Can't imagine that Vista programmers were so short sighted. Easily solved with a patch. No speech recognition (command recognition) if SOUND OUT (no mic when playing). Easy to implement.

WarEagleAU · Feb 2, 2007

Thats funny. I never thought about it like that. I wonder if this means that Dragon Naturally Speaking (which I think I bought version 4.0 from AOL a loooong time ago) has the same capacity to do such destruction.

Alec§taar · Feb 2, 2007

WarEagleAU said:
Thats funny. I never thought about it like that. I wonder if this means that Dragon Naturally Speaking (which I think I bought version 4.0 from AOL a loooong time ago) has the same capacity to do such destruction.

"StRaNgE & UnUsUaL" attack vectors abound...

* Odd, I agree, but VERY possible!

APK

Sasqui · Feb 2, 2007

tigger69 said:
i wont use speech anyway.and anyone remember how many bugs xp had at first?

i'm using it as my primary os now too.it seems ok to me.

Good point - remember history!!! (It almost ALWAYS repeats itself).

W1zzard · Feb 2, 2007

so you bring a borg infected tape recorder onto the enterprise and it plays back "initiate self destruct sequence" ?

Alec§taar · Feb 2, 2007

W1zzard said:
so you bring a borg infected tape recorder onto the enterprise and it plays back "initiate self destruct sequence" ?

Aha! See?

* PROOF, that it "comes w/ the territory" in this field, that being a "Sci-Fi" fan IS truly, part of the mixture required... & that I am NOT THE ONLY ONE!

(LOL!)

APK

zekrahminator · Feb 2, 2007

You know, speech recognition shouldn't be allowed to do those functions anyways.

lemonadesoda · Feb 2, 2007

AGREED, speech recog should not have such commands. It should be to "enchance" not substitute use of keyboard and mouse. It should therefore be to improve workflow of common tasks, e.g. the user selects some text, and says "bold"... and hey presto, the format changes. That saves a lot of mouse movement or key clicks.

But file commands... NO. Not unless it is designed for special purpose needs like "advanced handicapped input" for blind people. However, all it takes is for a meanie to walk into their room and say;

"change password to Supercalifragilisticexpialidocius-muhaha-muhaha" followed by

"Supercalifragilisticexpialidocius-muhaha-muhaha"

"yes"

"delete all pictures"

"all"

"delete all documents"

"all"

"logoff"

OUCH :roll:

Jimmy 2004 · Feb 2, 2007

WarEagleAU said:
Thats funny. I never thought about it like that. I wonder if this means that Dragon Naturally Speaking (which I think I bought version 4.0 from AOL a loooong time ago) has the same capacity to do such destruction.

It is true that this isn't actually Microsoft messing up so much as the fact that people won't bother exploiting things until they become mainstream - Firefox is (was?) a good example of this. Now it is actively being hacked, which is why it is relatively less secure than it used to be, same goes for voice control.

I think you guys are right - built in voice control shouldn't have such power... but then again, to stop things like this you would need to prevent it doing certain tasks from a command prompt ect. and you can see it might get difficult to prevent all the apps that might have the ability to delete files.

Mussels · Feb 3, 2007

"But i dont wanna format my C: drive!"

Vista hears ' Format C:'

Gotta admit - its bloody funny.

Lazzer408 · Feb 3, 2007

tigger69 said:
i wont use speech anyway.and anyone remember how many bugs xp had at first?

i'm using it as my primary os now too.it seems ok to me.

Yes and I also remember how much faster XP was before they "patched" all the "bugs". Maybe these "updates" are an excuse to modify a value on the "hidden system latency timer". :rolleyes:

If Vista is such a pig now I can't imagine how slow it'll be after a few updates.

I don't think Vista will actually execute system commands from a voice command without some sort of verification prompt...can it? If so that's a major fuk-up on Micro$haft's part.

System Name	Jimmy 2004's PC
Processor	S754 AMD Athlon64 3200+ @ 2640MHz
Motherboard	ASUS K8N
Cooling	AC Freezer 64 Pro + Zalman VF1000 + 5x120mm Antec TriCool Case Fans
Memory	1GB Kingston PC3200 (2x512MB)
Video Card(s)	Saphire 256MB X800 GTO @ 450MHz/560MHz (Core/Memory)
Storage	500GB Western Digital SATA II + 80GB Maxtor DiamondMax SATA
Display(s)	Digimate 17" TFT (1280x1024)
Case	Antec P182
Audio Device(s)	Audigy 4 + Creative Inspire T7900 7.1 Speakers
Power Supply	Corsair HX520W
Software	Windows XP Home

System Name	Ez - 1st custom
Processor	AMD Phenom x3 8450
Motherboard	Asus m3a78-em
Cooling	thermaltake mini typhoon :D aerogate fan controller
Memory	6gb corsair xms 2 800mhz ddr2
Video Card(s)	xpertvision HD 4850 1GB ddr3 sonic 685/1000
Storage	Corsair 128gb SSD, 2x 250GB maxtor 16mb cache raid 0, 500gb 32mb cache storage
Display(s)	AMD surround view 2x e172fp 17" 1x dell e248wfp 24"
Case	coolermaster elite 330
Audio Device(s)	creative audigy se
Power Supply	hiper type r 580watt
Software	Windows 7 x64

System Name	MY PC
Processor	E8400 @ 3.80Ghz > Q9650 3.60Ghz
Motherboard	Maximus Formula
Cooling	D5, 7/16" ID Tubing, Maze4 with Fuzion CPU WB
Memory	XMS 8500C5D @ 1066MHz
Video Card(s)	HD 2900 XT 858/900 to 4870 to 5870 (Keep Vreg area clean)
Storage	2
Display(s)	24"
Case	P180
Audio Device(s)	X-fi Plantinum
Power Supply	Silencer 750
Software	XP Pro SP3 to Windows 7
Benchmark Scores	This varies from one driver to another.

Processor	E6300 @ 2.13 ghz \|&\| E6300 2.13 ghz
Motherboard	Asus P5B \|&\| Asus P5B
Cooling	Artic Cooling Freezer 7 Pro\|&\|2x80mm fans in-case
Memory	2x 512 mb 677 Ram DDR2 \|&\| 1gb Ram DDR2 677mhz
Video Card(s)	XFX 7950GT 256mb \|&\| ???
Storage	Seagate 80GB \|&\| Seagate 80GB
Display(s)	Acer 19" LCD \|&\| ViewSonic VP920b 19"
Case	XION III Black/Green \|&\| A plain case...
Audio Device(s)	Onboard \|&\| Dead..so onboard
Power Supply	Antec TruePower Trio \|&\| OCZ GameXstream 600W
Software	XP Pro 32bit, XP Pro 64bit, MS Vista Ultimate (REAL)

Processor	AMD X2 4400+
Memory	2G
Video Card(s)	7950 GX2
Storage	2x 74g 10000rpm Raid:0
Display(s)	Dell 1920x1200 widescreen
Software	3dmark06 score: 7650

Vista Speech Recognition Flaw

Jimmy 2004

New Member

EviLZeD

New Member

EastCoasthandle

New Member

bhaskar15

New Member

Deleted member 24505

Guest

Benpi

New Member

lemonadesoda

WarEagleAU

Bird of Prey

Alec§taar

New Member

Sasqui

W1zzard

Administrator

Alec§taar

New Member

zekrahminator

McLovin

lemonadesoda

Jimmy 2004

New Member

Mussels

Freshwater Moderator

Lazzer408

System Name	ICE-QUAD // ICE-CRUNCH
Processor	Q6600 // 2x Xeon 5472
Memory	2GB DDR // 8GB FB-DIMM
Video Card(s)	HD3850-AGP // FireGL 3400
Display(s)	2 x Samsung 204Ts = 3200x1200
Audio Device(s)	Audigy 2
Software	Windows Server 2003 R2 as a Workstation now migrated to W10 with regrets.

System Name	Pandemic 2020
Processor	AMD Ryzen 5 "Gen 2" 2600X
Motherboard	AsRock X470 Killer Promontory
Cooling	CoolerMaster 240 RGB Master Cooler (Newegg Eggxpert)
Memory	32 GB Geil EVO Portenza DDR4 3200 MHz
Video Card(s)	ASUS Radeon RX 580 DirectX 12 DUAL-RX580-O8G 8GB 256-Bit GDDR5 HDCP Ready CrossFireX Support Video C
Storage	WD 250 M.2, Corsair P500 M.2, OCZ Trion 500, WD Black 1TB, Assorted others.
Display(s)	ASUS MG24UQ Gaming Monitor - 23.6" 4K UHD (3840x2160) , IPS, Adaptive Sync, DisplayWidget
Case	Fractal Define R6 C
Audio Device(s)	Realtek 5.1 Onboard
Power Supply	Corsair RMX 850 Platinum PSU (Newegg Eggxpert)
Mouse	Razer Death Adder
Keyboard	Corsair K95 Mechanical & Corsair K65 Wired, Wireless, Bluetooth)
Software	Windows 10 Pro x64

Processor	DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME))
Motherboard	ASUS A8N-SLI Premium (PCIe x16, x4, x1)
Cooling	PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM)
Memory	512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz
Video Card(s)	BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled
Storage	Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive
Display(s)	SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color
Case	Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans)
Audio Device(s)	RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!)
Power Supply	Antec 500w ATX 2.0 "SmartPower" powersupply
Software	Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers)

System Name	Senile
Processor	I7-4790K@4.8 GHz 24/7
Motherboard	MSI Z97-G45 Gaming
Cooling	Be Quiet Pure Rock Air
Memory	16GB 4x4 G.Skill CAS9 2133 Sniper
Video Card(s)	GIGABYTE Vega 64
Storage	Samsung EVO 500GB / 8 Different WDs / QNAP TS-253 8GB NAS with 2x10Tb WD Blue
Display(s)	34" LG 34CB88-P 21:9 Curved UltraWide QHD (34401440) FREE_SYNC*
Case	Rosewill
Audio Device(s)	Onboard + HD HDMI
Power Supply	Corsair HX750
Mouse	Logitech G5
Keyboard	Corsair Strafe RGB & G610 Orion Red
Software	Win 10

Processor	Ryzen 7 5700X
Memory	48 GB
Video Card(s)	RTX 4080
Storage	2x HDD RAID 1, 3x M.2 NVMe
Display(s)	30" 2560x1600 + 19" 1280x1024
Software	Windows 10 64-bit

Processor	AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard	Gigabyte sumthin-or-another, it's got an nForce 430
Cooling	Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory	2GB G.Skill DDR2 800
Video Card(s)	Sapphire X850XT @ 580/600
Storage	WD 160 GB SATA hard drive.
Display(s)	Hanns G 19" widescreen, 5ms response time, 1440x900
Case	Thermaltake Soprano (black with side window).
Audio Device(s)	Soundblaster Live! 24 bit (paired with X-530 speakers).
Power Supply	ThermalTake 430W TR2
Software	XP Home SP2, can't wait for Vista SP1.

System Name	Rainbow Sparkles (Power efficient, <350W gaming load)
Processor	Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard	Asus x570-F (BIOS Modded)
Cooling	Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory	2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s)	Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage	2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s)	Phillips 32 32M1N5800A (4k144), LG 32" (4K60) \| Gigabyte G32QC (2k165) \| Phillips 328m6fjrmb (2K144)
Case	Fractal Design R6
Audio Device(s)	Logitech G560 \| Corsair Void pro RGB \|Blue Yeti mic
Power Supply	Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse	Logitech G Pro wireless + Steelseries Prisma XL
Keyboard	Razer Huntsman TE ( Sexy white keycaps)
VR HMD	Oculus Rift S + Quest 2
Software	Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores	Nyooom.

Processor	i7 2600k@4.6ghz
Motherboard	MSI z68ma-ed55
Cooling	Silentx Extreem 120mm
Memory	2x4gb XMS 7-8-7-20 1600
Video Card(s)	HD6870
Storage	2x128gb Kingston Hyper-X (Raid0), 2x750gb RE3 (RAID1), 2x750gb RE3 (RAID1)
Display(s)	Soyo 24", Gateway 22"
Case	Fractal Design Arc Mini 6x120mm fans.
Audio Device(s)	Onboard
Power Supply	Zalman 750w
Software	Windows 7