Vista Voice Recognition 'Flaw' Reported as First Bug with New OS


As we watched the headlines surrounding the Windows Vista consumer launch this week, we were just waiting for something to happen, other than proclamations from Bill Gates that "this changes everything."


Well, apparently so was everybody else, judging by the vigorous coverage this morning of a bug (or design flaw, if you want to view it as such) in Vista's speech recognition software -- the first ever in full-release Vista -- speculated on by blogger Sebastian Krahmer and confirmed Tuesday by ZDNet blogger George Ou.


Ou found that he could use pre-recorded sound files to launch the Start Menu on his Vista system via Vista's speech recognition. From there, recorded commands could launch programs and do other basic user stuff.


An article at MacWorld this morning -- reservedly entitled "Vista Has Speech Security Hole" -- goes on to say that the flaw is expected to be of little real consequence, since a hacker would need to be standing at a system to employ it, or at least be able to play a seriously weird audio file remotely without a user noticing it.


However, Ou -- who simply contends in his post that Microsoft should filter any noises emminating from a PC out of voice recognition -- appears far more worried about the flaw, advising his readers to just turn off voice recognition, even though voice commands can't bypass the UAC to install any nastiness.


Ou -- who is often berated as a MS flak (we'd say unfairly) by commenters on his blog -- said the ability to mess with your system is inherently a big deal, and reports he was able to run tests that seriously compromise data and files -- just like a user. Ou and an MS blogger have since debated the significance of the flaw.


We feel this falls under the category of what Pund-IT analyst Charles King recently coined as "IT religious discussions" in an interview with us on multicore tech.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.