Debate, and discuss, just dont Bore me.
With Apologies to Samsung.
Published on March 30, 2011 By Dr Guy In Personal Computing

A  report out by NetSec Consultants Corp. is reporting that Samsung is installing a hidden keylogger on all their new laptops!  While no official statement has been forthcoming from the company, a support person at the company has confirmed it.

The key logger is invisible to the user and records every keystroke the user(s) makes.  It can then send that information to any email it is set up to work with (or to any email that is hijacked by it).  Keyloggers in a class room (or a marital situation) are one thing.  Perhaps necessary in some cases, the programs are a severe security threat and really bad news!  It can steal all of your credit card information, bank account information, and just about everything that makes you unique (if you do anything on a computer).

I have not bought Samsung laptops in the past.  Given this revelation, I will not be buying any in the future either.  This is one of the biggest blunders a company has done in recent memory.  They have destroyed any trust they may have had with their clientele.


Comments (Page 2)
5 Pages1 2 3 4  Last
on Mar 31, 2011

Oh my. 

on Mar 31, 2011

This same thing happened in 2005 with Dell laptops, where a guy found a hardware keylogger.   That was later "found out" to be a hoax.   You got first a denial, from Dell, followed by an admittance, followed by another denial after it got through their PR department.   With Samsung it looks like it went straight to admitting it, to denial.

I think it's time we hacked into the keyboard drivers to spoof a flood of spurious keyboard events.  It's like a DOS attack for keyloggers.  It may even be a good way to test to see if you have one installed.  If your network traffic spikes when your keyboard traffic spikes, you've got something.

on Mar 31, 2011

tazgecko
Samsung denial http://www.samsungtomorrow.com/1071

 

I believe this more than I believe Samsung would do anything so ...well, stupid.


Quoting tazgecko, reply 12Samsung denial http://www.samsungtomorrow.com/1071

 


Time for someone to sue the living shit out of someone else.

I would.

Yep... man, I can smell this "settlement"... time to buy Samsung stock. lol.

 

on Mar 31, 2011

No major PC manufacturer would do this, it would be suicide.  What an idiot that person is who accused them of doing so without checking into it further.  If he gets sued, he deserves it.

on Mar 31, 2011

The only thing I have that is Samsung is a 250 gig portable drive. NO more Samsung products for this old fart

on Mar 31, 2011

This was identified as a false positive.  Shoddy tech journalism from these sites who published this.

 

on Mar 31, 2011

I hope others don't take up that particular habit. I'd really hate to give up my HP lappy. They could easily sneak that in on one of the updates. Nice.

Given the bad press Samsung is doing, if any others were thinking about it, they are probably thinking twice now.

DaveRI
A hacker is a hacker, even if the hacker's name is "Samsung". That's pretty disgusting.

I think Samsung took the "Hire a hacker" a step too far.

Daiwa
Worse than the Sony rootkit debacle, if true.  I wouldn't buy any Samsung products if this is independently corroborated.  I suspect it is true, but at the moment it is from just one source.

I had forgotten about that one!  Thanks for a timely reminder.

Philly0381
I'm sure if other companies were looked at some of the same would be found, they just ain't been caught yet. 

The company that found it routinely scans computers from different manufacturers.  But unless you scan yours with a good root kit killer, I guess we cannot be sure.

on Mar 31, 2011

I would love to know how SAMSUNG said they do it to collect customer data about your configuration to assist with technical problems, followed by SAMSUNG claiming it was a technical error.  

on Mar 31, 2011

Island Dog
This was identified as a false positive.  Shoddy tech journalism from these sites who published this.

 

Precisely. Or someone with an axe to grind. Don't let this affect your use of Samsung products. That would be punishing the victim, wouldn't it.

on Mar 31, 2011

DrJBHL

Quoting Uvah, reply 5Know any good rootkit killer?
Uvah:  http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html

 

As an aside, I wonder if it's on their phones/smart phones as well?

Good find, Dr Guy.

High praise form the Guru of geekdom!  Thanks  And thanks for the link as well.

I guess we have to be vigilant on the phones.  Hopefully this company or another like it is doing the same thing with smart phones.

on Mar 31, 2011

I'm running Sophos root-kit. So far it has identifed several unknown hidden files. Some of them from DesktopX widgets 7, ObjectDesktop 1, Raimeter 4, Glary Utilities 1, I stopped the scan for a looksee. Apparently you have to let the scan finish before you view any of the files. I'll resume it or barring that, do another when there is more time.

Thanks for QTing the sophos product!  I do trust them and figure it will be a good one given Doc's recommendation.

tazgecko
Why?

The only reason I can think of is the government asked them to. Perhaps the South Korean government wanted a way to spy on others. What a stupid move.

taz is now looking, with suspicion, at his Samsung phone

 

Or it can be innocent - they just wanted to have a good tool for the tech calls.  A really stupid innocent move, but do not always attribute to evil what can easily be explained by stupidity (I forget who said that).

 

on Mar 31, 2011

DisturbedComputer
and that's way Sony don't get my MONEY any more Now Samsung won't get any More of my MONEY  EVER and that's how you tell a company too stick it TAKE your money else where 

You have a weapon against them.  As I told a colleague, I do not since I have never bought one of their products (yet, so now it will be ever).

I will never buy another Samsung product!

2 for 2 - it seems Samsung shot themselves in the foot - over this and other practices.

tazgecko
Samsung denial http://www.samsungtomorrow.com/1071

 

It could be - but I will wait for a followup from the firm that found them. They do not seem like one that would make a mistake like that, but no one is perfect.

on Mar 31, 2011

As always the consumer is presented with a very real problem, just who do you believe. 

on Mar 31, 2011

DrJBHL
I believe this more than I believe Samsung would do anything so ...well, stupid.

THe question then becomes why did they get confirmation from the support guy?

Ford built the Edsel and GM built the Volt.  Sometimes companies do stupid things.

Island Dog
This was identified as a false positive.  Shoddy tech journalism from these sites who published this.

 

It got my dander up.

DrJBHL
Precisely. Or someone with an axe to grind. Don't let this affect your use of Samsung products. That would be punishing the victim, wouldn't it.

If it turns out to be false, I will issue Samsung an apology.  I am going to wait for the rest of the story.

on Mar 31, 2011

FALSE ALARM Testing confirms Samsung keylogger rumour just a false alarm
http://www.theregister.co.uk/2011/03/31/samsung_keylogger_rumour_debunked/

Antivirus testers have backed up Samsung's protestations that the detection of keylogging software on brand-new Samsung laptops was just a false alarm.

Mohamed Hassan, founder of security consultancy NetSec, raised the alarm after a scan revealed that two newly purchased Samsung laptops were infected with StarLogger, a commercial keylogger. Hassan investigated the matter before working on a story for NetWork World that compared the incident to the infamous Sony BMG rootkit fiasco of 2005.

It was suggested that Samsung was using underhand methods to extract market research, monitoring user activity without their knowledge or consent in the process. Hassan was eventually put through to a Samsung support centre manager who told him that Samsung had pre-loaded software to "monitor the performance of the machine and to find out how it is being used".

Samsung quickly denied it was doing anything of the sort before issuing a more detailed statement saying that the

Quote:
confusion stemmed from the installation of the Microsoft Live! application suite. The Slovak language version of the suite creates a folder called C:\Windows\SL, the same folder name as is used by the StarLogger application and it was this that was causing alarm bells to ring.



Testing by antivirus researchers this morning confirmed that VIPRE Antivirus detects 'StarLogger' after creating a 'SL' folder on a clean PC. Even an empty folder with no files in it creates this behaviour.

 



5 Pages1 2 3 4  Last