Security Operating Systems Software Windows

Remote Exploit of Vista Speech Control 372

An anonymous reader writes "George Ou writes in his blog that he found a remote exploit for the new and shiny Vista Speech Control. Specifically, websites playing soundfiles can trigger arbitrary commands. Ou reports that Microsoft confirmed the bug and suggested as workarounds that either 'A user can turn off their computer speakers and/or microphone'; or, 'If a user does run an audio file that attempts to execute commands on their system, they should close the Windows Media Player, turn off speech recognition, and restart their computer.' Well, who didn't see that coming?"
  • by 99BottlesOfBeerInMyF ( 813746 ) on Thursday February 01, 2007 @12:07PM (#17844170)

    More than ten years ago I was playing with the speech recognition software that shipped with MacOS 7 or something and I thought being able to check my e-mail without getting out of bed was pretty cool. At the time I wrote something about the technology and predicted that speech activated commands would never take off until: 1, most audio people listened to was controlled by the computer, and 2, the computer was smart enough to filter out the sounds it was emitting before processing commands. At the time a lot of people listened to music from their computer and I imagine many still do. Why can't the computer ignore all that sound? It knows it is outputting it so why not filter it? It is sad that the same missing feature is still a problem, so many years later.

  • by Doc Ruby ( 173196 ) on Thursday February 01, 2007 @12:09PM (#17844196) Homepage Journal
    The damn OS is playing the audio. The damn speech-rec software is doing echo cancellation. Vista should be testing its incoming audio to detect whether it matches any outgoing audio that Vista is playing. What an incredible load of bullshit.

    The quality of MS security analysts working on Vista is revealed to be very dim by this exploit. This kind of exploit and defect in the Vista multimedia architecture speaks very badly of the prospect for the next 5 years of MS operating systems. They're a plague.
  • Re:OS X? (Score:2, Interesting)

    by gkearney ( 162433 ) on Thursday February 01, 2007 @12:38PM (#17844836)
    I tried this on MacOS X version 10.4.8 (the latest version). I could not make the Mac respond to voice commands being played from the speakers or from patching the sound out into an iMic. Here is what I did.

    1. Ran the voice command option and configured it as apple suggests.
    2. Made sure that the voice command understood my command by issuing several and getting the correct replies back from the system.
    3. Recorded the command "What time is it?"
    4. Played back the command with voice commands on.

    The Mac did not respond. I then tried the same thing with a patch cable between the output and an iMic USB audio adapter. It still would not respond from the recording but will respond to my voice. I have no idea how Apple is able to distinguish where the voice is coming from.
  • by xoyoyo ( 949672 ) on Thursday February 01, 2007 @12:39PM (#17844866)
    True, all speech recognition software *would* suffer from this exploit if the application designers hadn't thought about the likely scenarios in advance. I just checked the situation with my Mac, which comes with speech recognition built in (and has done since what, Mac OS 9?)

    Nothing destructive is enabled by default: the worst you can do on a Mac is log yourself out, but that will keep everything running as it was before.

    If you go to the Speech control panel you can, after putting your admin password in, enable Menu Bar actions which allow you to do things like trash files and restart the computer.

    So by default the computer will just do helpful stuff, but if you really need full control over the OS through speech recognition (eg, you are disabled) you can enable it.

    It's a good indicator of the different philosophies between the two OS vendors we also see in their approach to networking (this may have changed with Vista, I've not really been following it): Apple shut down everything by default and requires the user to open ports; Windows boxes, on the other hand, are wide open from first boot and have to have their ports shut down by a knowledgeable user.
  • Startup Sound (Score:5, Interesting)

    by EricJ2190 ( 1016652 ) <EricJ2190@EEEgmail.com minus threevowels> on Thursday February 01, 2007 @01:15PM (#17845532) Homepage
    Now I see why Microsoft doesn't want you to change the Vista startup sound.
  • by xero314 ( 722674 ) on Thursday February 01, 2007 @01:17PM (#17845558)
    Couldn't the system simply have a filter that removes the wave signature of what it is outputting before processing input as a command? This is relatively simple technology, as compared to voice recognition itself. You might have to re-calibrate if you move your speakers but I would think that is a small price to pay to not leave open the ability for a web site to control your system through an auto-playing wave file.

    Mind you this won't stop your roommate from yelling "Shut Down...Yes" just to piss you off. Or worse yet the guy you just fired yelling something more destructive on his way out of the office.
  • by virtigex ( 323685 ) on Thursday February 01, 2007 @01:31PM (#17845858)
    I have worked both at Apple on PlainTalk and at MS Research on speech. When I was at Apple (around 1996) I poked my head into a co-worker's office who was testing PlainTalk and said loudly "Computer Shut Down". His computer then started shutting down. This "exploit" has been on the Mac since 1996 and nobody seems to have complained about it. I don't think it's a big deal.
  • by Wannabe Code Monkey ( 638617 ) on Thursday February 01, 2007 @01:57PM (#17846460)

    The audio mixer in Vista is no longer based on different audio types (MIDI, CD Audio, WAV, etc). Instead, there is a volume slider and mute button for each application that makes sounds. So you can mute IE, AIM (those annoying video ads), and Windows itself, while still playing your music in WinAmp or WMP.

    If that's true, then that's awesome. I remember a couple years ago reading a story on slashdot about various experimental usability projects going on at Microsoft and this was one of them. I think they even put together a mock desktop in flash where they implemented this volume system that you could play with. From a usability standpoint it was way better. I had assumed that this was something that just got lost along the way, but I'm glad to see they went through with it.

  • If the computer thinks you're saying a command, it should disable output to the speakers. If I am talking to my computer then it should stop making its own noises. Otherwise, that's just rude.
  • by mattr ( 78516 ) <mattr&telebody,com> on Thursday February 01, 2007 @02:25PM (#17847064) Homepage Journal
    Detection of whether a given sound is what was just emitted from the speaker may be very difficult, but it is relatively easy in terms of timing. So long as the system knows how much lag time is present in the system, it should be possible to disable detection of all sound that is being played at the same time (i.e. basically turn off the mic then). Nobody expects voice recognition to work when music or other sounds are playing, and the system, whether Vista or OS X, ought to be able to disable voice recognition instantaneously when sound output is generated.

    The problem of course is that the computer next to you might suffer from the exploit since it doesn't know what sound your computer is generating, though this might be diminished by subtracting other sound to some extent via sidepointing mics or even better by just refusing to do dangerous commands like format or delete via voice recognition in the first place. There are gray areas that probably make total safety impossible but some common sense things including disabling all recognition during sound generation from explorer and wmp sound like a good place to start.
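
Added example, not part of the comment above and not code from Vista or OS X: a sketch of the timing-based gate the comment describes, combined with refusing destructive commands unless the user has opted in. The lag value, the command list and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed values for illustration; a real system would measure its own latency
# and choose its own command policy.
OUTPUT_LAG_S = 0.25  # speaker-to-microphone delay plus echo tail, in seconds
DESTRUCTIVE = ("shut down", "restart", "delete", "format")

@dataclass
class Utterance:
    start: float  # seconds on the same clock as the playback log
    end: float
    text: str

def playback_windows(playing, lag=OUTPUT_LAG_S):
    """Extend each (start, end) playback interval by the lag and merge overlaps."""
    merged = []
    for start, end in sorted(playing):
        end += lag
        if merged and start <= merged[-1][1]:
            merged[-1][1] = max(merged[-1][1], end)
        else:
            merged.append([start, end])
    return merged

def decide(utt, playing, allow_destructive=False):
    """Return 'accept', 'drop-playback' or 'drop-policy' for one recognised phrase."""
    for start, end in playback_windows(playing):
        if utt.start < end and utt.end > start:
            return "drop-playback"  # heard while the machine itself was making sound
    if not allow_destructive and utt.text.lower().startswith(DESTRUCTIVE):
        return "drop-policy"  # destructive commands need an explicit opt-in
    return "accept"

# Constructed sample data: two playback intervals and four recognised phrases.
PLAYING = [(10.0, 14.0), (14.1, 20.0)]
SAMPLES = [
    Utterance(12.0, 13.0, "Start menu"),
    Utterance(20.1, 20.8, "Open notepad"),
    Utterance(25.0, 25.5, "What time is it"),
    Utterance(30.0, 30.6, "Shut down"),
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{u.text!r:20} -> {decide(u, PLAYING)}")
```
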
  • by moofo ( 697416 ) on Thursday February 01, 2007 @02:27PM (#17847090) Homepage
    It worked pretty well in Mac OS 9. You could login to the machine by selecting your username and then saying a passphrase. The default was: "My Voice is my password"

    Thing is, it was local accounts only, no directory system at this point, much less for voiceprints!
