Cortana allows researchers to bypass password lock with voice commands

By Greg S
Mar 7, 2018
  1. Whether you are a user of Cortana or not, the digital assistant appears to be here to stay for the long haul. Security researchers Tal Be'ery and Amichai Shulman have found that Cortana is able to respond to commands even when computers are sleeping or locked. This has opened up some creative avenues for malicious individuals to take advantage of.

    With the help of Cortana, a web browser can be opened and instructed to navigate to an insecure website. From there, malware can be installed on the target machine and obtain full access to the computer. Meanwhile, the computer appears to remain locked despite the fact that programs are able to be executed remotely by an attacker.

    One issue with nearly all voice-controlled assistants is that anyone can issue commands. Cortana actually does have a setting to "try to respond only to me," but is still not all that accurate and can pick up commands from other people. With better differentiation between user voices, this specific attack would be much more difficult to perform. An obvious solution is for Microsoft to simply disable Cortana when a user is not authenticated.

    Even with perfect voice recognition, voice systems are still susceptible to ultrasonic noise. Chinese researchers developed an exploit called DolphinAttack that uses high-frequency signals to issue voice commands to digital assistants. These are completely inaudible to humans but can still be detected by standard quality microphones.

    In practice, this abuse of Cortana seems as though it would require physical access, but that is not the case. An infected computer can have its volume turned up in an attempt to trigger Cortana on nearby devices. This does require that speakers are present, but leads to interesting possibilities for would-be attackers, offering worm-type capabilities.

    A full presentation of the findings will be presented on Friday at the Kaspersky Analyst Security Summit.


  2. Capaill (TS Evangelist)

    Windows seems to have changed the way it logs in. I have noticed since the last major update (Fall?) that, when I boot up the PC, it continues to load drivers even while it's waiting for me to press Ctrl-Alt-Del to log in. Then, when I log in, almost everything has been preloaded. I guess it was done so it seems that it boots quicker but it must have security implications.
    The obvious solution given in the article for Cortana is so obvious, it's shocking that it wasn't done. Unless it's possible to unlock the device using Cortana. In which case the number of voice commands available should be severely limited until it can be verified that a physical user is present.
