X
Tech
Home Tech Services & Software Operating Systems Windows

Drive-by Vista hacking

Fellow ZDNet blogger George Ou recently reported that Microsoft had confirmed that audio commands played back through a computer's speakers could be picked up by the microphone and executed as Vista voice commands. That actually made me laugh out loud.
Written by John Carroll, Contributor

Fellow ZDNet blogger George Ou recently reported that Microsoft had confirmed that audio commands played back through a computer's speakers could be picked up by the microphone and executed as Vista voice commands. That actually made me laugh out loud.

It's not because George is wrong. Clearly, this is a problem, and he is right that the microphone should filter out noise that clearly originated from the speaker (one would think that some cross-referencing would be possible, given that both the speakers and the microphone are connected to the same computer). It's just the image of hackers sitting in rooms recording themselves ordering Vista to do nasty things to itself that struck me as funny.

I can imagine some interesting and imaginative street theater that makes use of this flaw. Someone could grab an old Ford Pinto, strap a rack of loudspeakers to the roof, record a bunch of Vista commands that navigates every computer that hears it to web sites your boss and/or significant other might be very annoyed to see staring at them full screen on your desk, and leave chaos in their wake, at least until someone calls the cops on them for disturbing the peace (they'd have to really crank the volume to have any effect). Of course, this would defeat the microphone / speaker audio cross referencing as the sound doesn't come from the speakers.

I also can see a lot of non-technical computer users frantically calling support lines declaring their computers are possessed.

I do see some virus potential in this. I haven't been there in awhile, but I used to visit PalTalk to engage in political chat with various people from around the world. I never bothered paying for an account, however, which meant that I had to put up with ads popping along the bottom of the window. For awhile, a particularly annoying advertisement for god knows what - bug spray, I guess - involved a Flash animation of a flying mosquito that you were supposed to try to squash. That's something you can ignore...unless they happen to add in the sound a mosquito makes, which is probably the most annoying sound ever devised on this planet. Since PalTalk is an AUDIO chat site, turning off the speakers wasn't really an option.

Replace "buzzing mosquito" with something that deletes all the files in your "My Documents" folder, and the Flash mosquito ad goes way beyond annoying and enters "Vinnie the Enforcer" territory.

Editorial standards
Show Comments

Related

Samsung Galaxy Watch 6 Classic

Samsung is giving away free Galaxy Watch 6 models right now - here's how to qualify

iPhone 14 Pro Max on grass

Here's every iPhone model that will receive Apple's iOS 18 update (and which ones can't)

Apple's Messages icon displayed on a phone screen is seen in this illustration photo taken in Krakow, Poland on August 26, 2021. (Photo Illustration by Jakub Porzycki/NurPhoto via Getty Images)

Apple is finally adding RCS texting to the iPhone - and I'm absolutely thrilled