I think almost any feature on almost any computer operating system can potentially be used as a vector for malicious actions. If this is correct, this puts a certain amount of responsibility on the developer to put in place reasonable safeguards against exploits. It also places a certain amount of responsibility on the user to be aware of the possible exploits and to guard against them. But where the balance point should be between the two may be related to the type of feature and the experience level of the anticipated user.
So, when the operating system is Microsoft’s new Vista, something that will be used by a wide range of people, many of whom do are not technically minded, it behooves the developers to put in place even more safeguards than would otherwise be required. Either that, or leave the feature out (if reasonable safeguards cannot be put in place without crippling the feature it is trying to protect).
One such situation may be as reported in a blog
on ZDNet that says as long as a Vista computer is on and the microphone and speakers active, Vista’s voice recognition software will respond to anything that the microphone can pick up.
Hence, if the user went to a website/opened an email with a sound file that ordered the computer to delete all his/her data files, Vista could do exactly that. In fact, I wonder if your neighbor came over and you asked her how to delete a file and they responded: delete start dot star, within the range of the microphone, what would Vista do?
Yes, I understand that this situation could occur with any system that has voice recognition capabilities so I’m not pointing fingers at MS. But I wonder if MS doesn’t have a greater responsibility to place safeguards than, say a Unix developer. I dunno. For example, I reckon if you are designing a car that can go 200 mph, you better also design in great brakes, excellent handling, and full crash worthiness commensurate with the car’s speed potential. Likewise, if you are going to include a feature that can easily be subverted, it seems to me that you better figure out a way of making
that difficult, if not impossible to do.