Galileo Completes Jupiter Mission

GalileoSeptember 21, 2003

After fourteen years in space, eight of those as the first man-made object orbiting Jupiter, the unmanned NASA spacecraft Galileo is sent into the atmosphere of the giant planet. NASA decided to end Galileo’s mission in this manner in order to avoid any possibility of it colliding with one of Jupiter’s moons and potentially contaminating it with bacteria from Earth. How sanitary of them.

How does Bing’s voice search compare to Google’s?

cortana

Google remains the dominant player in search marketing, but the industry is changing very rapidly and the old certainties may erode. Does voice search provide a platform for Microsoft to compete?

A study earlier this year revealed that Microsoft’s speech recognition technology demonstrated only a 5.1 percent word error rate in Switchboard, a conversational speech recognition task. This shows impressive development and shows that Microsoft is more than competitive in this domain, but it is only part of the picture.

Speech recognition and voice recognition are significantly different. The former extracts words and comprehends what is said; the latter also understand who said it. We could frame this as content and context.

Context will be the defining factor in who becomes the dominant player in voice search, with an increasing amount of internet-enabled devices providing the opportunity for a seamless, conversational experience.

No doubt, search is at the very heart of this battle.

Bing has positioned itself as simply a more effective search engine, with campaigns like Bing It On aimed at showing users the quality of its results compared to those of Google.

bing-it-on-1347020038

Occasionally we see stories of impressive user growth for Bing, but never quite enough to suggest a significant threat to Google’s totemic stature. Latest estimates from Smart Insights put Google’s global share of the search market at 77%, with Bing on about 8%.

The signs so far suggest that Google will remain the dominant search player in the West, but the sands are shifting and it is increasingly difficult to predict where the industry will go. With a newly-announced partnership with Amazon’s Alexa, Microsoft is clearly not going to give up the fight.

So, if search is the glue that holds this together, what is Microsoft’s strategy to compete with Google? We know Microsoft’s speech recognition technology is effective, but how do its voice search capabilities stack up?

Microsoft voice search: the key details

Microsoft’s digital assistant, Cortana, is embedded into Windows-enabled devices and into Microsoft’s Edge internet browser. That provides access to over half a billion users, once we factor in Microsoft’s Xbox gaming consoles.

Cortana has a multitude of uses. It helps users navigate the Windows interface and can respond to a multitude of wider queries, powered by Microsoft’s Bing search engine, for example.

Of course, mobile is a core focus and therefore Cortana is available via a range of Microsoft mobile hardware and software.

Like other digital assistants, Cortana is always ready to answer queries on a Windows device. It now prompts users to test its broadening functionalities by pushing notifications like “Ask me to remind you to buy eggs next time you’re at the supermarket” or “Would you like to know which song is playing?”

It can be a bit creepy and intrusive, but for the most part users will only really notice Cortana when they need to use it. The list of prompts is quite formulaic and Cortana simply searches a query on Bing when it can’t understand what the user wants.

Cortana voice commands

All of this functionality is at its best when a user is logged in across a range of Microsoft devices, however. The same is true of any digital assistant, but the the respective cases of Apple and Google this is simply more likely to occur.

This means that Cortana misses out on vital context, not through any technological shortcoming, but rather through the lack of mass adoption of Microsoft’s hardware.

On the software front, Microsoft fares better. There are now over 100 million monthly users of Cortana via Windows 10, and the latest edition of the Edge browser continues to bring voice search to the fore.

This is still not quite enough to make a significant dent in Google’s lead, however. One of the most searched-for technology-based phrases on Bing is [google], after all.

Microsoft’s voice search strategy

The challenge for Microsoft has always been to gain enough of the valuable mobile software market to compete with Apple and Google.

Where Apple controls a very profitable section of both the hardware and software ecosystems, Google has historically focused on its Android OS as a Trojan horse to ensure continued use of its products on a wide range of devices.

With Google Home, the Google Pixel smartphone, and Google’s soon-to-be-completed purchase of Taiwanese smartphone company HTC, the focus has shifted to hardware as the Internet of Things comes of age.

Microsoft’s Invoke smart speaker ensures it has a seat at the table, but it is the partnership with Amazon’s highly successful Echo speakers that should increase usage numbers for Cortana.

Invoke

Microsoft has always fared well in the enterprise market (albeit under increasing competition from Apple and Google here, too), but the personal smartphone market has been harder to break.

Further integrations with popular platforms such as Spotify, to go along with Microsoft’s ownership of Skype, could start to position Cortana as an appealing alternative to the walled garden approach of Apple.

How does Microsoft voice search differ from Google voice search?

Although both function in similar ways, there are some core areas of differentiation:

  • Speech recognition: Cortana does this fantastically well and, although Google Assistant is still very accurate, small margins do matter in this arena. Although only a sample size of one, I can also attest that Cortana comprehends my Irish brogue much more accurately than Google Assistant.
  • Business task management: Cortana can be a huge timesaver with commands like “Pull up the latest version of my task tracker.” With full access to the Windows OS, it can locate documents quite easily and reduce time spent on laborious document searching.
  • Context: When a user is logged in across Windows products, Cortana can serve accurate contextual results. See below for an example of the same phrase searched by voice on a Windows laptop using Cortana and Google:

Cortana-Leeds

The differences are slight, but telling. Cortana knows that I am currently in Spain (I am using a Windows laptop), and therefore provides the kick-off in my local time. Google is not privy to this information and serves the result in Eastern Time, as my account is based in the US.

When results default to Bing, it all gets a little hairier.

I follow up by asking who will be in the starting lineup and receive a bizarre result about the USA soccer team, a news story about a Leeds starting lineup from three years ago, and some news about the Leeds music festival.

Leeds line-up

Google does a better job of this, but both lack the immediacy that integration with a social media feed would provide:
Google Leeds

This same pattern plays out across a wide range of travel, weather, and commercial queries. When Cortana can pull an immediate answer, it does so very capably; when it resorts to providing a list of search results from Bing, the quality varies. Google therefore represents a much more consistent, reliable option.

The new partnership with Amazon may open a range of avenues for Microsoft to reach a wider audience, which will only help to refine these recommendations. For the moment, Google’s superior search experience remains its trump card in the battle for digital assistant supremacy.

In summary

A graphic comparing the voice search capabilities of Microsoft and Google, respectively. Under the Microsoft section, the pros are listed as: speech recognition, ecommerce offering via Amazon, and Skype integration. The cons are listed as: voice recognition, lack of third-party integrations, and Bing search results. The devices which support Microsoft voice search are listed as: Microsoft devices, Windows 10 and Microsoft Edge. Under the Google section, the pros are listed as: context recognition, linked to all Google products, and Google search. The cons are listed as: speech recognition is flawed, shopping offering is a work in progress. The devices which support Google voice search are listed as: Android devices, Google Chrome and Chromebooks.

Image created by Clark Boyd

Related reading

Google-Search-Console

Progress on CCleaner Investigation

Vince Steckler & Ondřej Vlček, 21 September 2017

Large technology and telecommunications companies were targeted


Following the take-down of the CnC server and getting access to its data, the Avast Security Threat Labs team has been working around the clock to investigate the source and other details of the recent Piriform CCleaner attack. To recap, the attack affected a total of 2.27M computers between August 15, 2017 and September 15, 2017 and used the popular PC cleaning software CCleaner version 5.33.6162 as a distribution vehicle. Today, we would like to report on the progress so far.

First of all, analysis of the data from the CnC server has proven that this was an APT (Advanced Persistent Threat) programmed to deliver the 2nd stage payload to select users. Specifically, the server logs indicated 20 machines in a total of 8 organizations to which the 2nd stage payload was sent, but given that the logs were only collected for little over three days, the actual number of computers that received the 2nd stage payload was likely at least in the order of hundreds. This is a change from our previous statement, in which we said that to the best of our knowledge, the 2nd stage payload never delivered.

At the time the server was taken down, the attack was targeting select large technology and telecommunication companies in Japan, Taiwan, UK, Germany and the US. Given that CCleaner is a consumer-oriented product, this was a typical watering hole attack where the vast majority of users were uninteresting for the attacker, but select ones were. For privacy reasons, we’re not disclosing the list of targeted companies publicly; instead, we have been reaching out individually to those companies who we know have been impacted, and providing them with additional technical information to assist them.

The 2nd stage payload is a relatively complex piece of code that uses two components (DLLs). The first component contains the main business logic. As with the first payload, it is heavily obfuscated and uses a number of anti-debugging and anti-emulation tricks. Much of the logic is related to the finding of, and connecting to, a yet another CnC server, whose address can be determined using three different mechanisms: 1) an account on GitHub, 2) an account on WordPress, and 3) a DNS record of a domain get.adxxxxxx.net (name modified here). Subsequently, the address of the CnC server can also be arbitrarily modified in the future by sending a special command, recognized by the code as a signal to use the DNS protocol (udp/53) to get address of the new server. Together with law enforcement, we’re continuing the analysis by getting access to the data from these additional CnC servers and tracing further to the attacker.

The second part of the payload is responsible for persistence. Here, a different mechanism is used on Windows 7+ than on Windows XP. On Windows 7+, the binary is dumped to a file called “C:\Windows\system32\lTSMSISrv.dll” and automatic loading of the library is ensured by autorunning the NT service “SessionEnv” (the RDP service). On XP, the binary is saved as “C:\Windows\system32\spool\prtprocs\w32x86\localspl.dll” and the code uses the “Spooler” service to load.

Structurally, the DLLs are quite interesting because they piggyback on other vendors’ code by injecting the malicious functionality into legitimate DLLs. The 32-bit code is activated through a patched version of VirtCDRDrv32.dll (part of Corel’s WinZip package), while the 64-bit uses EFACli64.dll – part of a Symantec product. Most of the malicious code is delivered from registry (the binary code is saved directly in registry in keys “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WbemPerf\00[1-4]”). Again, all of these techniques demonstrate the attacker’s high level of sophistication.

In parallel to the technical analysis, we have continued working with law enforcement units to trace back the source of the attack. We are committed to getting to the bottom of who is behind this attack. While providing routine periodic updates, our energies are focused on catching the perpetrators. Our approach is to do all of this in the background, to increase our chances of identifying the perpetrator.  We believe nothing is served by being too noisy, e.g. stating who was targeted and/or compromised and it is up to the target to choose when to disclose.

Finally, it is extremely important to us to resolve the issue on customer machines. For consumers, we stand by the recommendation to upgrade CCleaner to the latest version (now 5.35, after we have revoked the signing certificate used to sign the impacted version 5.33) and use a quality antivirus product, such as Avast Antivirus. For corporate users, the decision may be different and will likely depend on corporate IT policies. At this stage, we cannot state that the corporate machines could not be compromised, even though the attack was highly targeted.

We will provide additional updates as we progress.

Vince Steckler, CEO
Ondrej Vlcek, CTO and EVP Consumer Business

%d bloggers like this: