On Fri, 02 Feb 2007 16:23:24 +0100, Thierry Zoller said: > With all due respect, I think you are crying wolf a tad bit too much. > Speech recognition is inherently unreliable, (btw remember the presentation > they gave?). Since you deem the problem as remotely exploitable,let's ignore > for one that I have to actively browse to a website and as such be physically > in front of the PC and assume we use XSS to zombie the browser and play the > audio 5 minutes later. Then we assume there is not too much background > noise, assume the audio level is ok, assume the microphone is on, > assume Speech recognition is used, assume audio is on, and so forth. > > Too many assumption to make it a real risk for me remotely, sorry. That's > my personal opinion. Is is a vulnerability ? Yes. Is it likely to work > 100% like a good crafted exploit? No On the other hand, it's the sort of attack that is really handy to have if you're doing a targeted attack against a corporation - send a crafted spam that delivers the XSS to zombie the box, sleep for a few hours, and when nobody's left in the office, crank up the volume and yell "PANTS DOWN!" to every computer within range.... :) (Remember - the average office is nice and quiet at 11PM if the janitors aren't around - and nobody ever *said* the computer making the noise was the one getting pwned... :)
Attachment:
pgpObgr0F9JZK.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/