Welcome to WebmasterWorld Guest from 54.172.221.7

Forum Moderators: bill

Message Too Old, No Replies

Researchers Find a Backdoor Into Windows 10 Through Cortana

     
7:00 pm on Mar 7, 2018 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:25784
votes: 834


According to a report, researchers have found a back door into Windows 10 via Cortana voice commands which could allow bad actors to install malware.
Tal Be'ery and Amichai Shulman found that the always-listening Cortana agent responds to some voice commands even when computers are asleep and locked, allowing someone with physical access to plug a USB with a network adapter into the computer, then verbally instruct Cortana to launch the computer's browser and go to a web address that does not use https—that is, a web address that does not encrypt traffic between a user's machine and the website. The attacker's malicious network adapter then intercepts the web session to send the computer to a malicious site instead, where malware downloads to the machine, all while the computer owner believes his or her machine is protected. Researchers Find a Backdoor Into Windows 10 Through Cortana [motherboard.vice.com]
8:21 pm on Mar 7, 2018 (gmt 0)

Senior Member from AU 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Aug 22, 2003
posts: 2226
votes: 139


Now who would have ever thought that any such thing was possible?

</sarcasm>
9:16 am on Mar 8, 2018 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:25784
votes: 834


Well, yes, and this, of course, is, without doubt, not the only voice control which could cause similar problems.
10:04 am on Mar 8, 2018 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 891


1st thing I did was remove Cortana & all associated files from my desktop computer... not that I had imagined it as a security vulnerability, but just didn't want it in my machine.

It's still in my Surface though, although I don't think I've ever accessed it and I've never turned on the Mic.

So if this hack needs someone to be physically present to do the deed, there are other safeguards in place...

BEWARE OF DOG!
9:10 pm on Mar 8, 2018 (gmt 0)

Senior Member from AU 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Aug 22, 2003
posts: 2226
votes: 139


1st thing I did was remove Cortana & all associated files from my desktop computer...

Ditto for myself - anything I didn't find useful for me personally - I have always removed.

It reminds me back in the days when a large PC hard drive was even smaller than many files today. A friend who was more software savvy than most of us was raging on about how "Micro$oft Bloatware" was unnecessarily consuming his precious hard drive space.

He wrote a small utility which listed and ultimately quarantined all M$ files which had not been used in the previous twelve months. They were quarantined to another spare drive or to floppies.

I can't remember precise details beyond it being in the days of DOS and a Windows version earlier than 3.1. What I do remember was that the quarantine directory folder sizes were almost as large as the retained files on drive C:\ necessary for operation of his PC.

Ever since those decades back - I always remember "Micro$oft Bloatware" as being mostly unnecessary. Most people don't even know it.
11:10 pm on Mar 8, 2018 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:8869
votes: 728


Cortana reinstalls during some updates. Might check that. Hackers don't care if you turn off the mic, they can turn it on. (Smarter than we are).

Physically secure your systems as well as adding as much software protection you can.
12:02 am on Mar 9, 2018 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 891


No, Cortana never reinstalled. It won't if your remove the DLL files (there are 6) and turn it Off in bios.
2:54 am on Mar 9, 2018 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:8869
votes: 728


YMMV, three of my clients have had Cortana come back from the dead. You must have lucky bytes. Has your search experience remained good (local)?
3:53 am on Mar 9, 2018 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 891


I rarely use my Windows desktop machine for local search.

My Android mobile phone is so much better at it and connects seamlessly to Google's driving navigation app... and that's when I need it, when I'm out looking for local businesses & locations.

But no, I've not seen any impact on Bing (Windows) search by removing Cortana.