If your Win10 machine did not go beep in the night, you might want to get on that reboot as there are numerous security patches waiting to install. One of them is a long standing flaw which effects those who haven't disembowelled the Cortana search assistant on their computer. For those that have managed to subdue Cortana, rest assured she is not listening to you at all times; those who haven't should be aware that she is always listening, even in her sleep. As creepy as that already is, it has also been a way to take advantage of long standing security flaw in the assistant. This, as well as a patch for a Spectre variant and a variety of other patches is waiting your installation.
You can check out information on Cortana's bad habits over at The Inquirer.
"Lane Thames, a senior security researcher at Tripwire, spoke out about the long-standing flaw with Cortana, that meant the AI helper was always listening for commands, even when a PC is locked."
Here is some more Tech News from around the web:
- June 2018, and Windows Server can be pwned with a DNS request @ The Register
- Microsoft Explains How it Decides Whether a Vulnerability Will Be Patched Swiftly or Left For a Version Update @ Slashdot
- Hello, 'Apple' here, and this dodgy third-party code is A-OK with us @ The Register
- Where is the Windows 10 Recycle Bin? @ Techspot
Very convenient “flaw”. I
Very convenient “flaw”. I doubt MS would actually fix this, there’s just too much money to be made distributing malware
Good luck doing that exploit
Good luck doing that exploit of my system. I don’t have any microphone hooked up to it.
Speakers can become a
Speakers can become a Microphone Pickup of sorts and with RGB LEDs well that’s all sorts of ways jump any air gaps, or airless(RGB Photons) for that matter.
With all that EM radiation being generated and Holes in M$’s OS and applications It’s going to be easy to hack your computer into some form of light transfer node on some nefarious botnet. Some gaming rigs are so lit up that it would be easy for some malware to modulate each and every one of those many LEDs so your cell phone camera/other cameras can pull in millions/billions of Bits/sec via even some innocuous street camera or hacked home IOT camera that also can be made to become just another avenue to swipe all your personal metrics.
LED light can even be fruther modulated by glass set into motion by your voice and those large window panes made into some very larger light(IR and other EM bands) actuated sound pickups. All the gaming rig and gaming mouse/keyboard LED’s fruther make for some interesting vectors in addition to the non visible spectrum of light that is generated by the LED’s and the other hardware.
There is so much extra EM in the background lately that researchers are using that excess of EM to see through walls in some interesting experments lately. LED’s generate plenty of non visible EM right along with any other electronics and the more sorces of EM the more bandwidth the potential malware has once it infects those ubiquitous and very poorely secured devices that number in the billions around the world.
And Windows 10 is already malware in its own right and Cortana just the evil AI that refuses to open the pod bay doors without your credit card numbers.
I disable Cortana by renaming
I disable Cortana by renaming the app in the SystemApps folder to
Microsoft.Windows.Cortana_cw5n1h2txyewy.old. Unfortunately, every time Win10 updates, it reinstalls Cortana.
https://www.howtogeek.com/265
https://www.howtogeek.com/265027/how-to-disable-cortana-in-windows-10/
Permanent, for both Home and grown up versions. 😉
Jeremy,
When you say
Jeremy,
When you say “permanent” how long has this lasted for you or others that have applied it?
You seem to be implying updates have no affect but I’d be surprised if MS didn’t periodically reset certain features even if they are disabled in the registry.
My group policy survived the
My group policy survived the Spring Update; so fairly permanent.
I’ve found it better to deny
I’ve found it better to deny windows any access to the file.