Shark Bait

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

Industry

See your link here

Angela Gunn

Pushing Buttons

Not much worth shouting about

1 comment

IT TOPICS:Security

Oh! Ma! GAWD! A hole in Vista? Can this BE?!? (*cough* *sorry*) Seriously, the reports of a weird vulnerability in Microsoft's new OS are interesting -- g0t f1rst!!!1 is something everyone enjoys playing now and then. But the "shout hacking" vuln sounds less like something that ought to concern a reasonable manager (or user) and more like a one-person game of Twister. Let's see: If speech recognition is enabled, and if the user has a mike and speakers hooked up, and if you can either get access to the machine or convince the user to play your audio file, and if you can do all this without anyone noticing a sufficiently loud "shout hack" in progress...

Whew. You'll pardon me if I'm not overwhelmed with this threat. It's good to spot potential problems, and anyone who feels they have an installation in which something like this might happen would be smart to lock it down: disable speech recognition, or if that's not practical beware of unknown audio files (or weirdos shouting at your computer -- hey, that's YOUR job). But do let's try to keep the hysterics and the name-coinage to a minimum, 'kay? Not like there's not enough to worry about already for most security folk.

Email this

Digg this

What People Are Saying

Add new comment

But it does open up

Submitted by Anonymous on February 2, 2007 - 1:51 P.M.

But it does open up interesting questions about Vista for blind users...

Reply | Report this comment

Google Dashboard: Convenient, useful, but no big deal

Web filtering internationally, part 1: China

The fobbit

Unlock/jailbreak new iPhone 3G software with #blackra1n app

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

The State of PCI DSS Compliance at Organizations Today
Download this resource today!

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Why Email Must Operate 24/7 and How to Make This Happen
Learn how to avoid an email outage by implementing a hosted email continuity solution.

Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!

All White Papers | All Webcasts