Slashdot Mirror

← Back to Stories (view on slashdot.org)

Samsung Plants Keyloggers On Laptops

Posted by samzenpus on from the terrible-marketing-ideas dept.

Saint Aardvark writes "Mohammed Hassan writes in Network World that he found a keylogger program installed on his brand-new laptop — not once, but twice. After initial denials, Samsung has admitted they did this, saying it was to 'monitor the performance of the machine and to find out how it is being used.' As Hassan says, 'In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners.' Three PR officers from Samsung have so far refused comment."

76 of 515 comments (clear)

  1. WTF? by Anonymous Coward · · Score: 5, Insightful

    Worst idea since Sony's rootkit. They should be prosecuted over crap like this.

    1. Re:WTF? by FlatEric521 · · Score: 5, Informative

      They should be prosecuted over crap like this.

      They will be. Sony got hit with tons of lawsuits, and they weren't using software that could steal your password. This just took corporate big brother behavior to a whole new level of invasive.

    2. Re:WTF? by matt_gaia · · Score: 2

      Probably worse idea, since, IIRC the Sony rootkit didn't collect all of the data that this keylogger could. Whatever the case is though, still an extremely douchey move, Samsung, and hopefully one they'll be sued to hell over.

    3. Re:WTF? by spun · · Score: 4, Insightful

      Worse than Sony's rootkit. Both programs attempt to do something to your property without your consent, but only this one also takes the opportunity to spy on you. They won't be prosecuted, though. At the very worst, some sacrificial lamb from marketing will be fired. American corporate CEOs are above the law.

      --
      - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
    4. Re:WTF? by Missing.Matter · · Score: 4, Informative

      Samsung's CEO is Korean. Samsung is Korean company, you know.

    5. Re:WTF? by Just+because+I'm+an · · Score: 3, Interesting
      I often wondered whether as with food where there is a legal requirement to list the ingredients there should be a similar requirement for PC vendors to list all the bloat/crap/ad-ware they include on their products. Of course people may still not know what they're in for but at least there's a chance you can stop yourself getting affected by a keylogger if you bothered to check it was there. Also if this was a legal requirement then a failure to disclose its presence would lead to a relatively strightforward penalty. I know most of the readers here would probably install the system themselves and likely not even Windows but for the bulk of the consumers it might be useful to at least know what's coming and be able to make a choice *before* the purchase is made.
      -

      I'd like to see Samsung get into big trouble over this because it is inherently wrong, at least that's my position, but I am less sure if they have broken any actual laws. Maybe some digital eavesdropping provisions that are only allowed to be done by governments have been breached but I can see Samsung weaselling out of that one. There's probably a disclaimer in 5point font 100 pages into the agreement that the buyer agrees to by opening the box.... of course that's wrong too. Oh where to start...

    6. Re:WTF? by Anonymous Coward · · Score: 2, Insightful

      Shh, it's better to trash "American CEO's" and "American Coporations" Stop with your facts

    7. Re:WTF? by Anonymous Coward · · Score: 2, Informative

      Sony America and Samsung America are actually separate financial entities. They can be sued in one area and not another for example they can be sued in the U.S. but the same suit may not apply to the EU.

      I wonder if they are doing this with their phones also?

    8. Re:WTF? by lgw · · Score: 3, Interesting

      Sony paid over half a billion to settle their FTC lawsuit, and who knows how muchmore for other lawsuits. And that was the little stuff. Because Sony's rootkit made it onto many government-owned computers, the DoJ got pissed with them , and basically said "we're giving you the benefit of the doubt this once that you didn't intend to extract sensitive information from government computers, but keep in mind that penalties for doing so could include a ban on sales of all Sony products in America, and siezure of all Sony assets in America". You'd think that would get everyone's attention.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    9. Re:WTF? by sqlrob · · Score: 2

      Inserting ads into http streams in their routers.

    10. Re:WTF? by spun · · Score: 2

      Sorry, typed that wrong. Meant "In America, corporate CEOs are above the law." Applies to any and all CEOs, if the company is big enough. Have any banksters, from any country, been prosecuted in America for any crime relating to the recent depression?

      --
      - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
    11. Re:WTF? by lgw · · Score: 5, Interesting

      If you make a habit of punishing "the CEO", then "the CEO" will be a fall guy hired by whoever actually runs the company. Sony's rootkit got Sony threatened with ending the presence of Sony in America - while America may let corporations slide on many issues, actual espianage involving a foreign corporation and sensitive government data won't be ignored.

      Samsung should be very thankful that the US Government in general avoids foreign-built computers out of a strange fear that there might be keyloggoers or similar installed on them at the factory: an idea that many /.ers once dismissed as crazy paranoia, back when Thinkpad shifted to Lenovo.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    12. Re:WTF? by Wyatt+Earp · · Score: 3, Informative

      Umm, yea.

      http://en.wikipedia.org/wiki/Bernard_Madoff

      http://www.bloomberg.com/news/2011-03-30/ex-taylor-bean-official-ragland-to-enter-plea-in-1-9-billion-fraud-case.html

      And this dude is in court right now

      http://en.wikipedia.org/wiki/Raj_Rajaratnam

      Theres alot of cases going on, have ended in pleas if you just google.

    13. Re:WTF? by erroneus · · Score: 5, Informative

      Oh please. Take it from me -- I work for an "American Company" that is completely owned by a Japanese company and is completely run by employees of that same Japanese company. It's a lie. It's a huge lie. It's a lie on the scale of saying "santa claus is real." It's clearly and obviously not the truth.

    14. Re:WTF? by camperslo · · Score: 2

      "Facts are stupid things" - Ronald Reagan during a speech at a convention

      Perhaps some of these PC vendors think that people are so used to malware that a little more doesn't matter?

    15. Re:WTF? by Coeurderoy · · Score: 4, Interesting

      There was a title for this in germany before WW1 it was called the
      - Sitz DIrector (or Redactor for a news paper) Sitting Director
      They has also the "früshtuck director" Breakfast Director

      THe first one is the one supposed to go to jail in case of problems, and the second one is usually an aristocrat with a nice title he takes the VIP to breakfast and other "meetings", so the real directors do not need to loose time...

      But somehow the IRS equivalent tends to think that whoum ever is making the most money in the company is the one that should go to jail....
      (not that it happens very often unfortunatelly)...

      So basically you should investigate the money trail and this gives you the "effective CEO" and that person should be the one sued...

      About the security of foreing built computers this is b**t ALL computers a build by an handfull of ODM in china, if the US government is not basically trashing the preinstalled software of any sensitive machine to install their own their clueless...

      And since they know how easy it was for them to stop various categories of foreing computers they cannot really ignore this...

      So buying US computer is purelly lobbying and nationalism...

    16. Re:WTF? by PCM2 · · Score: 2

      the US Government in general avoids foreign-built computers out of a strange fear that there might be keyloggoers or similar installed on them at the factory: an idea that many /.ers once dismissed as crazy paranoia, back when Thinkpad shifted to Lenovo.

      Thinkpads were being built by Lenovo long before they carried Lenovo's branding on them.

      --
      Breakfast served all day!
    17. Re:WTF? by lgw · · Score: 4, Interesting

      That bit of German history is very cool, thaks.

      If the final assembly and sale of a laptop is done in the US by a US company, then the government can hold the company responsible for making sure there are no rootkits, in software, firmware, or BIOS. And that is one case in which not just the CEO, but any engineer knowingly involved in espianage, would go to jail for a very long time. They can't hold a foreign company similarly responsible (though they could ban the company from America and sieze all its American assets, which sounds to me like enough of a threat).

      --
      Socialism: a lie told by totalitarians and believed by fools.
    18. Re:WTF? by number11 · · Score: 5, Interesting

      If you make a habit of punishing "the CEO", then "the CEO" will be a fall guy hired by whoever actually runs the company.

      True. What needs to be done is, find the corporation guilty, and give it 30 days. Now, 30 days in the slammer is only a slap on the wrist, as punishments go. And of course, you can't actually put the corporation in the local jail, but you can put it under "house arrest". Send the marshalls around to padlock their premises, and freeze their bank accounts for 30 days.

      The economic consequences to the corporation would be vastly greater than any fine that could be levied. But nobody worries about other criminals who won't be able to meet their financial commitments if they do a stretch in the workhouse, so why should we worry about that when it's a corporate "person"?

    19. Re:WTF? by Chris+Mattern · · Score: 2

      Congratulations, you've just made everyone who works at that corporation, everyone who depends on that corporation's product, everyone who owns stock in that corporation, a willing, an *enthusiastic* accomplice to whatever crimes they may commit. Because they sure as hell won't want the corporation to ever be convicted of it.

    20. Re:WTF? by Anonymous Coward · · Score: 5, Insightful

      Draconian solutions remind everyone of their personal responsibility. Rest assured that if investing in corporations that break the law came with actual monetary costs, pretty soon people would be avoiding the stocks of those corporations like the plague. And nothing of value would be lost.

    21. Re:WTF? by clang_jangle · · Score: 2

      I often wondered whether as with food where there is a legal requirement to list the ingredients there should be a similar requirement for PC vendors to list all the bloat/crap/ad-ware they include on their products. Of course people may still not know what they're in for but at least there's a chance you can stop yourself getting affected by a keylogger if you bothered to check it was there.

      Unfortunately, that wouldn't fix the problem. Just as they're now lobbying for the right to pass of HFCS as "corn sugar", they'd find some agreeable euphemism for their spyware to.

      --
      Caveat Utilitor
    22. Re:WTF? by number11 · · Score: 5, Interesting

      How many innocent investors and employees are you willing to punish for the malicious actions of a few?

      They don't get "punished". Criminal behavior often hurts innocent bystanders, are you saying that somebody with a spouse and three kids should be exempt from jail because to jail them would hurt their dependents? Hell, the investors will be hurt if the corporation makes a marketing blunder, why not if the corporation commits a crime? Yes, it's unfortunate. Maybe we should give the investors and employees standing to sue the corporation for any damages they suffer.

      What if the company provides a vital service to its customers?

      What if I provide a vital service to my customers? Does that mean I should be exempt from jail?

    23. Re:WTF? by bill_mcgonigle · · Score: 3, Interesting

      These are good arguments for why big corporations are unmanageable. Too big to fail, too big to punish, too big to hold accountable.

      Perhaps we should stop allowing the the government to protect these giant corporations.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    24. Re:WTF? by Pharmboy · · Score: 5, Insightful

      That isn't a bad thing. It means the company will have trouble attracting quality talent unless it develops a system and policy to NOT do things like install root kits on computers. If you work for a company that does bad things, and you pay a price, you might want to go work somewhere else, or risk paying that price.

      Is it "fair" to all the low level employees? Maybe not, but it will be effective in protecting the general public, which means it is worth the price, since it creates an incentive for companies to NOT be asshats and install root kits on devices.

      What is fair is that companies (and shareholders) pay a price for breaking the law. This is the only way you can pressure stockholders and employees to pressure their management to do business in a fair and honest way, by having a "price" for not doing so.

      --
      Tequila: It's not just for breakfast anymore!
    25. Re:WTF? by BitterOak · · Score: 2, Informative

      Yes they should, it is a felony after all.

      Technically it isn't. It is a felony to gain unauthorized access to someone else's computer, but there is no law against installing this sort of software before the computer is sold.

      A car analogy: I can't break into your car to install a GPS tracking device, but many new car manufacturers install devices with similar functions at the factory, eg. GM's ONSTAR system.

      --
      If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
    26. Re:WTF? by mark-t · · Score: 2

      Flip it around... if you go to jail, would that vital service be lost? If so, there's a problem.

      Why should the people who may depend on that vital service, which may include many hundreds of thousands of people, or even millions, suffer because of your actions?

      I'm not saying that under no circumstances can any innocent people be inconvenienced or put out by the actions of another guilty party... I'm just saying you need to put it into perspective and consider the total damage to society as a whole that could arise if you deprive a vital service.

      Of course, manufacturers of consumer electronic devices and appliances don't exactly qualify as vital services in any sense of the word that would have legal merit in business law.

      --
      File under 'M' for 'Manic ranting'
    27. Re:WTF? by Belial6 · · Score: 2

      It is sad how many people there are like you that actually WANT corporations out committing crimes. Individuals have people that rely on them too. If I got sent to jail for 30 days, it would financially devastate my wife and child. So, do I get a free pass to commit crimes without threat of prosecution? If not, why not?

    28. Re:WTF? by fuzzyfuzzyfungus · · Score: 2

      "Discretely" would be somewhat difficult. At best, if nobody examines the IR aperture for remote control all that closely, you'd have until the first backlight failed out of warranty and some geek cracked it open for a DIY repair.

      Now, on the other hand, it would be rather easier to hide the exfiltration of data gathered by a camera that was prominently trumpeted on the box as being related to a feature of some sort(New 'Dynadjust'(tm) technology automatically optimizes Your HD Home Theatre Experience, in real time!)... Given the low cost of a chintzy cellcam and an IR LED or two, a design that adjusts the 'virtual 5.1 surround sound' or whatever variant of nausea3D is currently in vogue based on viewer position would be (rightly) seen as a gimmick by serious home theatre types; but wouldn't raise any flags on plausibility grounds.

    29. Re:WTF? by icebraining · · Score: 4, Funny

      http://hyperboleandahalf.blogspot.com/2010/04/alot-is-better-than-you-at-everything.html

      --
      Dilbert RSS feed
    30. Re:WTF? by mysidia · · Score: 2

      but I am less sure if they have broken any actual laws. Maybe some digital eavesdropping provisions that are only allowed to be done by governments have been breached but I can see Samsung weaselling out of that one.

      Wait... Google did this on ACCIDENT (while collecting WiFi access point SSIDs).. and still got slapped with required biannual privacy audits and other penalties.

      Imagine if Google had said that was intentional and tried to defend the practice like the report says Samsung people did?

    31. Re:WTF? by arth1 · · Score: 2

      Innocent? Ignorance does not make one innocent.

      Sure, tough shit if you work for a tiny company where the owner gets thrown in jail for 30 days. You probably won't be able to do your job. But the law doesn't care about that when it's one guy. Why should it care about it when it's a corporation who otherwise has the same legal privileges as a person (and in many cases more)?

    32. Re:WTF? by Anubis+IV · · Score: 5, Informative

      Wow. [citation needed] much? Let's go down the list, shall we?

      1) Not only can I find no evidence of a $500M figure ever having existed before your comment, but if they had made a settlement for a half billion dollars, Sony wouldn't exist today. Their operating income last year was just $342M (source). Fat chance that Sony could survive a $500M settlement hit. By all indications (i.e. because it's not mentioned in their annual filings from that year and there are no followup stories to be found), this did not impact their bottom line in any sort of meaningful way.

      2) As for what the settlement actually was, they paid up to $150-175 per customer that damaged their PC in an attempt to remove the rootkit (see here), plus $5.75M in settlements to various states (source). That's it. It probably cost them less than $10M to settle the whole thing.

      3) For a quick example of a company that can take a hit like the one you talked about, we all remember the Microsoft EU antitrust case from a few years back, right? The one regarding media players, where they were fined roughly $600M, and had followup fines of roughly $250M and $1.44B, all of which were extensively covered in the news since they were, at the time, the largest fines ever handed down by the EU (more info). But Microsoft was able to absorb the hit. Of course, they could do that since their operating income last year was about $24B (source), which is roughly 70x that of Sony's.

      4) As for your DOJ claims, I can't find anything about government computers being infected (though I wouldn't doubt it) or the DOJ being involved at all. In fact, they never got involved, despite the public outcry and requests that a criminal investigation be launched.

      Aside from government computers getting infected, is anything you said true, or are you just routinely off by a few orders of magnitude when quoting figures, as well as prone to making up stories that have little basis in fact?

    33. Re:WTF? by Anubis+IV · · Score: 2

      Of course, it occurs to me now (always after I hit the Submit button, of course) that maybe you meant yen for your figure. If that were the case, your estimate is pretty close. Hmm...

    34. Re:WTF? by hrtserpent6 · · Score: 2

      Fail - these people had very little if nothing to do with the Global Financial Crisis.

      Madoff was convicted for a Ponzi scheme. Ragland tried to steal money from TARP. Raj is being indicted for insider trading.

      As heinous as their crimes were, they had NOTHING to do with the GFC caused by:
      1. the packaging, re-packaging, marking up and selling of bad assets based on fraudulent mortgage originations
      2. the completely opaque dark market of what amounted to naked bets on other people's assets

      Dimon, Blankfein, Mozilo, Fuld, Schwartz, Sullivan, Pandit, Thain, Lewis, and all the rest of the CEOs, CFOs, CROs and CRMOs who 'didn't see it coming' are still sipping Crystal and shopping at Bergdorfs. They just get to say "Oops, our bad" and move on. Some of them had to pay a fine, which of course was paid by their company. God forbid they have to pay out of their own pocket.

      And we thought Enron got off easy...

  2. Re:Not once, but twice by desdinova+216 · · Score: 3, Insightful

    What?

  3. Boycott by Lead+Butthead · · Score: 4, Insightful

    Let them know their behavior isn't appropriate. Don't buy their product, and let everyone you know why you don't recommend buying their product.

    --
    ELOI, ELOI, LAMA SABACHTHANI!?
    1. Re:Boycott by publiclurker · · Score: 2

      North if possible.

  4. Re:Not once, but twice by Anonymous Coward · · Score: 3, Funny

    I think he's trying to ask for more Peyote.

  5. It must be INFORMED consent by realxmp · · Score: 2

    If this is true then in the United Kingdom at least this is a criminal offence. It's a violation of the Regulation of Investigatory Powers Act and possibly the Computer Misuse Act. The fact that it's hidden deep in some EULA wouldn't fly, unless they made a deliberate effort to ensure users were aware.

  6. Free Disaster Recovery by Anonymous Coward · · Score: 4, Funny

    I had a longer comment, but my machine crashed before I was able to submit. Just read it back at http://logger.samsung.com/mhassan/20110330log.txt

  7. Re:Without obtaining consent? by v1 · · Score: 4, Informative

    They can put anything they darn well please into the EULA, it doesn't guarantee it to be binding or legally enforceable.

    They could sneak a line in somewhere in the middle of page 28 of 45 that says by using this software you're required to send them a check for $500. It would be very hard to enforce.

    The practice of installing hidden software like that already has been condemned by the FTC. (from TFA: In the words of the of former FTC chairman Deborah Platt Majoras, "Installations of secret software that create security risks are intrusive and unlawful." (FTC, 2007).) So they're probably going to get hammered on this. And rightfully so.

    Usually when their legal department refuses to reply when you're requesting comments before someone goes public, it's because they're busy batoning down the hatches and polishing up their resumes.

    --
    I work for the Department of Redundancy Department.
  8. Stop it by MrEricSir · · Score: 5, Insightful

    If you don't get outraged when outrageous stuff happens, then don't be surprised when more outrageous things happen. It's your own damn fault for not standing up for what's right.

    --
    There's no -1 for "I don't get it."
    1. Re:Stop it by CrazyDuke · · Score: 3, Insightful

      ...not to claim him, you, or myself more right or righteous. But, I often find when I stand up for the rights of myself and others, I usually end up standing alone. ...with a few shoe prints and knife blades in my backside for good measure.

      Did you ever get the feeling that the reason the things in life that suck are allowed to continue is because so many people want it that way?

      --
      Any sufficiently advanced influence is indistinguishable from control.
  9. Only one case? by demonbug · · Score: 5, Insightful

    A quick search didn't turn up any other reports of this besides discussion pointing back to the linked Network World article. Considering it seems very easy to detect (an SL folder in the main windows directory, accompanied by an automatic uninstall program?) it seems like people wouldn't have any trouble finding it if it is there. Anyone have any confirmation? Anyone besides Mr. Hassan finding this on their new Samsung?

    1. Re:Only one case? by echucker · · Score: 3, Informative

      Some of the comments on the article reach the same conclusion. One even suggests it was someone at the store where they were purchased that installed the logger. Problem is, Samsung's tech support guy already admitted to it.

    2. Re:Only one case? by cobrausn · · Score: 4, Interesting

      I was actually wondering the same thing myself. The article links to another discussion where a user's root kit scan caused a 'total freeze' on a samsung netbook, but this seems like something that needs verification before we grab the torches and pitchforks.

      --
      How does it feel to be a liar with pants constantly on fire?
  10. And we do this how? by jeko · · Score: 5, Insightful

    How do you recommend we install a clean copy of Windows, short of buying your own copy for $189.00? PC manufacturers don't even include a "recovery disk" any more, let alone a copy of the OS you just bought and paid for. Not that I disagree with you at all, but the average consumer isn't going to buy their PC for $500-1200, and then cough up $200 for a clean copy of the OS, and then another couple hundred to find someone to wipe and install it for them.

    --
    He put his boots up on the table and made a face. "The sig," he smirked. "You can waste your life in search of the sig."
    1. Re:And we do this how? by Tigger's+Pet · · Score: 2, Insightful

      Well, in my case it's simple as I use Linux for everything nowadays - I do still have a Win XP partition on this laptop, as it makes it easier to support my Dad when he gets problems, but I never use it.
      If I was buying a new laptop and needed Windows on it then I'd 'obtain' one. It isn't software piracy as I already own the license through buying the hardware with the COA on it, so it's not illegal. The only problem is that you would still need to download the hardware-specific drivers from Samsung's website - and who can say that they don't bury the keylogger software inside one of them? Then you're shit out of luck I guess, unless you're ready to reverse-engineer the downloaded code.

    2. Re:And we do this how? by chrisj_0 · · Score: 2

      Download it and use the OEM key on the bottom of your laptop.

    3. Re:And we do this how? by mgiuca · · Score: 2

      Dell is pretty good. I got mine in 2008 as well with installation media. I would hope they still do that. I don't think many other vendors include it.

      Honestly, we are in such a huge scam. When buying a computer, we are forced to pay Microsoft for an operating system we may not want (good luck purchasing a blank PC*), and even after having purchased it, we often don't get the actual CD so we just paid for a one-time OS that needs to be re-purchased to install a "clean" copy.

      Of course, Windows is included in the price of the PC, so most people don't even realise they've paid for it.

      *Yes, you can buy PC parts and build it yourself, but it's pretty hard to do with a laptop.

    4. Re:And we do this how? by Anonymous Coward · · Score: 3, Insightful

      You can get iso's of Windows on the net

      Oh yeah, that's a great way to avoid keyloggers.

    5. Re:And we do this how? by CastrTroy · · Score: 2

      That's what I did with my latest laptop. Days after getting my new laptop I downloaded a Windows 7 disc, used my new product key, and I was up and running in no time. It's amazing how much better a computer runs without all that crap on there. Don't know if I'm a special case, but Windows 7 has gotten really good with product keys. No special OEM only product keys where you have to find a special install CD. My Product key worked with a standard off the shelf windows 7 disk.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    6. Re:And we do this how? by SCPRedMage · · Score: 3, Informative

      He didn't say download it from a "warez" site; you can download it from Microsoft's own servers.

      --
      My sig can beat up your sig.
    7. Re:And we do this how? by matrim99 · · Score: 2
      This isn't always a valid option. I had an Windows product key that only worked with the OEM version of Windows that came on an HP machine (via their hard disk recovery image or seperate install disk I paid $30 for (I ordered the "Windows Install CD" thinking it would just be a bare Windows install), both of which included all of their bloatware). When I tried this product key with a "Full Version" of Windows (100% legit, bought it for another PC) that I installed on that same HP machine (after formatting the HD), the product verification (phone home) didn't accept the HP product key for the full version of Windows (but same level, both were "home premium" if I recall correctly). The error that I got back specifically stated that my product key was only good for the HP OEM version.

      Man did that piss me off...

      Moral of the story is that not all OEM product keys work on unbloated generic Windows versions of the same level of OS.

      --
      Right. No, your other right. No, the other other right.
    8. Re:And we do this how? by socsoc · · Score: 2

      oh really? cause i'd really like you to explain further where I can magically download a windows iso for free and have it accept the OEM key on the machine without pirating it or borrowing a similar restore cd.

  11. Re:Default Software by Wyatt+Earp · · Score: 2

    Macs don't come with a lot of crapware, they work just fine with the default OS instillation.

  12. Re:Not once, but twice by Anonymous Coward · · Score: 3, Informative

    He's saying this is this is lame. the real shiza is in the chip.

  13. Re:Without obtaining consent? by Anonymous Coward · · Score: 2, Funny

    batoning down the hatches

    It's "battening down the hatches", though you might legitimately feel the urge to baton Samsung right now.

  14. Samsung and Sprint do this with Android phones too by chrisj_0 · · Score: 5, Informative

    http://forum.xda-developers.com/showpost.php?p=11763089&postcount=3

  15. Re:Oh say it isn't so... by node+3 · · Score: 5, Insightful

    "Meh, corruption isn't news, stfu" == "give me more corruption", in the end.

    If you don't get upset over these sort of things, you just invite more. Sure, making a fuss won't necessarily stop it from happening again, but remaining silent certainly won't.

  16. Extremely Sceptical by pmc · · Score: 5, Insightful

    OK - we have a keylogger that is plainly visible in the windows directory on his machine and.... that's it. Where is the rest of the evidence? It phones home - I presume he has wireshark traces in the acticle with IP addresses that are owned by Samsung.... Nope. Any network traces showing the activity? .... Nope. Naturally he bought another laptop and, without attaching it to any network, discovered the same keylogger.... Nope. Now he has announced this lots of people have looked at their Samsung laptops and found the keylogger... Nope.

    But wait - he has the admission of the company itself! Well, actually, a junior helpdesk driod who probably had no idea what he was actually talking about and was just agreeing with him to get him off the phone. Because the alternative is that every junior helpdesk droid in Samsung knows about the highly illegal secret keylogger that is install on every laptop, but none of them thought "I'm tired of being a helpdesk droid, I think a class action suit is a better way of making a living".

    There is also nonsense statements - "the keylogger is completely undetectable": Really? Apart from the c:/windows/SL directory, the entries in the registry and everything else that will make any sensible AV product go beserk that is.

    1. Re:Extremely Sceptical by John+Saffran · · Score: 3, Insightful

      Agree with your scepticism .. While the author seems to have good security qualifications, they're mostly non-technical or managerial level and the articles are awfully devoid of details and I'm concerned that he starts with attempts to equate his accusations with the Sony incident before even providing his evidence .. it sounds like he's experiencing confirmation bias.

      If this is part of the standard install it should be easy to duplicate and with the publicity this is sure to generate it's likely to be attempted.. personally I'll wait for a technical person to comment on this and more importantly provide the details rather than "After an in-depth analysis of the laptop, my conclusion was that this software was installed by the manufacturer, Samsung" (that's not good enough imho).

    2. Re:Extremely Sceptical by jordan314 · · Score: 2

      Exactly. How is it undetectable if an antivirus detects it? And the guy's rationale for it not being a false positive is "it's never failed me before"? As many users below have pointed out, the story is false: http://samsungtomorrow.tistory.com/m/1071 It was a false positive with a language pack that came with windows.

  17. Re:Default Software by node+3 · · Score: 2

    Exactly. Who on earth uses the default OS installation these days?

    Um, pretty much everyone. Unless you are going to be putting on a completely different OS (like Linux), very few people are going to go through the effort. Even most geeks will just uninstall the crapware instead of going through a full re-install.

    They're filled with crapware and even if not, are completely untrustable.

    Not Macs.

    On any new machine, you have to scrub the disk down and reinstall your own OS from scratch. I thought that was kinda computer-101 stuff these days.

    That's not even Geek 101 stuff.

  18. Monitor performance? by parlancex · · Score: 3, Interesting

    Installing a keylogger that also does screen captures to "monitor the performance" of their laptops would be like a homebuilder installing secret video cameras all over your house that relay the pictures back to him telling you he needs to "monitor the performance" of the house.

  19. Re:Not once, but twice by hairyfeet · · Score: 3, Interesting

    Wow ACs as far as the eye can see...does nobody have an account besides me anymore? While I'm not the crazy OP I'd say a good target would be GPUs, which now support running more generalized code thanks to Streams and CUDA, and while I can't say about CUDA since I haven't bought or sold Nvidia in awhile I know ATI installs the Streams SDK and support OOTB with the latest GPUs.

    Now considering the amount of horsepower and RAM built into the new GPUs I'd say that one is just waiting for a blackhat to exploit, oh and the fact nearly every X86-64 CPU now supports hardware VM acceleration, which if IIRC there has already been a demonstration called blue pill that showed that code hooking into the hardware VM was undetected by the OS.

    So while the OP does sound a "little off" I'd say...yeah, with all the crazy amounts of power the average machine has in all the support chips hardware nastiness is doable. And that of course don't count rogue governments, like say if China decided to plant a backdoor at the router factory for instance. How many of your average folks have ANY idea what the hell their router is doing? As long as they can hook to the net they're happy. So I'd say it is more a matter of when than if it will happen, and if someone cooks up a good GPU nasty I could see it spreading like a Code Red all over the damned place.

    --
    ACs don't waste your time replying, your posts are never seen by me.
  20. Not sure I buy it by Drummergeek0 · · Score: 2

    It seems like it was relatively easy to find, and both laptops were purchased at the same store so it could easily be the source, some kid in the stock room could have installed it thinking they could steal someones identity or that it made them 'leet' hackers. Taking the admittance from a customer support rep is not reliable, so I don't really count that one. Also, new computers come with various pieces of crapware installed that could also be the source without Samsung being aware(if that is the case, they need to screen the software better). I seriously doubt this was intentional on Samsung's side, if they are even responsible to begin with. It is even quite possible that the keylogger was part of debugging and QA that made it into the production image. Would like to see more data on this, at least try and capture it phoning home. That would tell you a lot about who the responsible party is.

    Network World should have at least done the due diligence of purchasing the same model and verifying the existence of the logger, and considering they are networking magazine, I am surprised they didn't test to see where the data is going.

    --
    http://en.wikipedia.org/wiki/First_Amendment_to_the_United_States_Constitution
  21. Re:Not once, but twice by WhitetailKitten · · Score: 2

    Tortured analogy. Better drink my own piss.

  22. This is not believable. by pclminion · · Score: 2, Insightful

    I mean, literally, unbelievable. I do not believe it. And anyone else who believes it without some proof apart from what this dude says, is a god damned moron. Apparently that's most of the people in this thread.

    (The fact that someone at Samsung seems to have "confirmed" it just means that someone got hold of an idiot somewhere and he said some stupid crap, probably without even understanding what he was saying.)

  23. Samsung's official? response in Korea by Anonymous Coward · · Score: 2, Informative

    saw this posted on samsung blog.

    http://samsungtomorrow.com/1070

    What they are saying is that the user was using security program called Vipre which reports \SL folder (slovenian language) created by Microsoft Live app as keylogger.

  24. here is a post on samsung blog in korea .. by h4nc0 · · Score: 2

    http://samsungtomorrow.com/1070 What they say is (keylogger) . The claim that a keylogger is installed on Samsung notebooks is false. , Vipre . we found out that the person was using a security program (av) called Vipre. Microsoft Live Application "SL" keylogger . this program reports \SL folder created by Microsoft Live App as keylogger (Live Application Microsoft , , . c:\windows "SL" , "KO" , "EN" .) something like this. If this claim is false, I see lawsuit the other way around. And please no bashing on Koreans.

  25. it's all a lie. by herojig · · Score: 4, Informative

    See http://www.samsungtomorrow.com/1071, from RTFA link.

    --
    I think therefore I can't be ~TTNH
  26. Utter bullshit by igorthefiend · · Score: 4, Informative

    False positive from a rarely used AV package - detects the same thing in an empty folder on a clean machine.
    http://www.f-secure.com/weblog/archives/00002133.html

  27. PLEASE UPDATE FRONTPAGE WITH NEW REAL FACTS by faulteh · · Score: 2

    I don't work for Samsung but I am a fan of their products.

    It seems this so called 'IT consultant' used a crap, rarely used AV product called VIPRE which caused a false-positive, mistaking a SLovenian language pack from Microsoft Live! with a keylogger called StarLogger (both use C:\windows\SL apparently.. jeez I'd hate to use such a poorly written AV package!)

    Please refer to posts by Sophos NakedSecurity blog http://nakedsecurity.sophos.com/2011/03/30/samsung-intentionally-shipping-laptops-with-keyloggerspy-software/

    and Samsung Tomorrow http://www.samsungtomorrow.com/1071

    NOW, can we please restore the integrity of /. frontpage news with actual facts instead of fear and obsolete debunked information.

    PS - where did this "IT Consultant" get his training from? back of a cereal carton???

  28. no logger after all... Re:This is not believable. by Fubari · · Score: 2
    You have good instincts :-)

    Samsung 'keylogger' is a GFI VIPRE antivirus false-positive

    Excerpt from link:

    I’ve confirmed that the ‘keylogger’ that Samsung was accused of shipping with certain notebooks yesterday by NetworkWorld is, in fact, a false-positive result by GFI VIPRE antivirus software. Replicating the false-positive is easy simply create an empty folder called SL in the Windows folder and scan it.