classic security mistake

February 2, 2007February 2, 2007| etbeclassic security mistake| 0 Comment| 21:44
Categories :

One of the most obvious (and yet most common) computer security mistakes is to take input from an untrusted (and potentially hostile) source. A classic example of this is in Windows Vista where audio output from the system speakers can be taken as input to the speech recognition system. According to the BBC article an MS representative said “it would be unlikely the user would not be in the room to hear the file with malicious instructions being played“.

It seems that according to MS it’s OK for your computer security to be breached, just as long as you are around to witness it!

Related posts:

  1. invasive vs inconvenient security The recent news from the UK gives us an example...
  2. laptop security on planes There has been a lot of discussion recently about how...
  3. more about vista security While reading the discussion of Vista security on Bruce Schneier’s...
  4. more security foolishness Dutch police arrested 12 people for acting suspiciously on a...
  5. a good security design for an office One issue that is rarely considered is how to deal...

Related Post

Upgrading SE Linux Policy

August 2, 2008 August 2, 2008 | etbe Upgrading SE Linux Policy | 0 Comments | 13:16
When I first packaged the SE Linux policy for Debian the only way to adjust [...]
View MoreView More

Insider Threats and Small Storage Devices

October 17, 2007 October 17, 2007 | etbe Insider Threats and Small Storage Devices | 12 Comments | 19:00
Danny Angus writes about the potential threat posed by small storage devices with large capacity [...]
View MoreView More

Lintian and Executable Stacks

October 10, 2007 October 10, 2007 | etbe Lintian and Executable Stacks | 1 Comment | 13:10
Debian has a program called Lintian that is used to search for common bugs in [...]
View MoreView More