Author Topic: Interesting Vista "Vuln"  (Read 3583 times)

0 Members and 1 Guest are viewing this topic.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Interesting Vista "Vuln"
« on: January 31, 2007, 10:02:52 pm »
It's more of a mischief thing, but if somebody has "voice recognition" enabled on Vista, you can use spoken commands (like, music played on a website) to run commands on the computer.  Apparently it doesn't have to be terribly loud or clear, either.  You can do anything that doesn't require UAC, for example:
- Install a program (for the current user)
- Delete files, send an email
- Play more audio (for nearby computers? :))
- Encrypt files (probably with an external program)

It's not terribly important, but it's kind of funny.  Ways to fix it:
- Require a unique password
- Prevent feedback (but you could still use other computers)

It was originally posted on the Daily Dave mailing list, though a lot of news sites have picked it up:
http://lists.immunitysec.com/pipermail/dailydave/2007-January/thread.html (near the bottom)

Here's my favorite post:
Quote
I can see it now; all you need is one 0wned host every
few feet and you can bark commands to all the others
within earshot.  First thing you tell them is to join in
the sing-along.  It would make a great movie scene -- with
maybe Richard Clarke looking over his shoulder down a
corridor in the Pentagon and saying "Do you hear that?"
as a crescendo of "halt-and-catch-fire" rises in the
in the distance...

Here's $500 for the first documented case of someone
using the white courtesy phone in an airport to page
Mr Shootdown, Reese Sett, Sleep Now, or whatever and
blanking all the laptops in a concourse.  An extra
$500 if it's DC National...

Offline MyndFyre

  • Boticulator Extraordinaire
  • x86
  • Hero Member
  • *****
  • Posts: 4540
  • The wait is over.
    • View Profile
    • JinxBot :: the evolution in boticulation
Re: Interesting Vista "Vuln"
« Reply #1 on: January 31, 2007, 10:13:24 pm »
It's more of a mischief thing, but if somebody has "voice recognition" enabled on Vista, you can use spoken commands (like, music played on a website) to run commands on the computer.  Apparently it doesn't have to be terribly loud or clear, either.  You can do anything that doesn't require UAC, for example:
- Install a program (for the current user)
- Delete files, send an email
- Play more audio (for nearby computers? :))
- Encrypt files (probably with an external program)

It's not terribly important, but it's kind of funny.  Ways to fix it:
- Require a unique password
- Prevent feedback (but you could still use other computers)
I don't really see this as becoming anything remotely resembling anything worthwhile. 

Voice Recognition is opt-in.  It doesn't come as on by default.

UAC is required for programs being installed to \Program Files\.  Which is pretty much all of them.

Since encryption is transparent to the user, whether or not a user's files are encrypted is really irrelevant.

Cute idea, but just more "haha, look at what we can do to fuck up progress" drivel from the anti-Microsoft crowd....
I have a programming folder, and I have nothing of value there

Running with Code has a new home!

Our species really annoys me.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Interesting Vista "Vuln"
« Reply #2 on: January 31, 2007, 11:06:01 pm »
I addressed everything you said. 

It wasn't posted in an anti-microsoft style, more like "I wonder if you can...." type thing. 

By encrypt, I mean the hold-your-stuff-random approach.  For example, download a program which encrypts the user's files then displays a message saying "Send $1 to happy dude!"

But you're right, the #1 problem is that speech recognition isn't on my default.

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: Interesting Vista "Vuln"
« Reply #3 on: January 31, 2007, 11:25:25 pm »
"Send $1 to happy dude!"
I can't believe they're using my machine for this. :(
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine