1、#SECTORCA BlackHatEvents#SECTORCA BlackHatEventsWhat Happens When Your Digital Clone Goes RougeAndrey Markovytch#SECTORCA BlackHatEventsSpeak For Me#SECTORCA BlackHatEventsWindows TAM 9MnSpeak For Me#SECTORCA BlackHatEventsSpeak For Me Additional FeaturesPart of Windows ecosystemCan be configured as
2、 a virtual microphoneIntegration with Teams and other appsOriginally intended to people with progressive voice disabilities,but can be used by everyone Can unlock some powerful and potentially dangerous flows like autonomous agents speaking on your behalf#SECTORCA BlackHatEventsThis is a story about
3、 love that never came to be This is a story about love that never came to be#SECTORCA BlackHatEventsAlon Leviev(alon_leviev)Security Researcher MicrosoftNetanel Ben Simon(NetanelBenSimon)Senior Security Researcher MicrosoftWhoamiSecurity Testing&Offensive Research at M Senior Security Researcher at
4、Microsoft IL,part of STORM team 15 years of experience in security field,started as a developer Areas of interest:Confidential ComputePre-OSCryptoAI Models SecurityIOT and EmbeddedCalisthenics(beginner level)Proud father of 2 kids and cat#SECTORCA BlackHatEventsSpeak For Me accessibility feature ove
5、rviewThe Threat ModelVulnerabilities on the Windows client sideVulnerabilities on cloud infrastructureThe bigger problemThe tough decisionTakeaways#SECTORCA BlackHatEventsHigh Level ArchitectureServerClientText-To-SpeechSDK8.Text7.Load ModelGenerated Voice9.Generate1.Training data2.Training dataCons
6、entConsent3.Voice Model5.Model6.Save Model4.Save Model backup#SECTORCA BlackHatEventsClient Side Zoom In#SECTORCA BlackHatEventsSpeak For Me accessibility feature overviewThe Threat ModelVulnerabilities on the Windows client sideVulnerabilities on cloud infrastructureThe bigger problemThe tough deci