If this is true, it could be the stupidest thing any laptop manufacturer has ever done: NetworkWorld is reporting the discovery of keyloggers on brand-new Samsung laptops. In an incident that holds echos of Sony’s famous rootkit embarrassment, a NetSec Consulting researcher says he spotted the StarLogger installed on two new …
I'd posit that it's definitely illegal. Surely it comes under either interception of communications - if you log every keystroke you have the contents of emails etc. - or computer misuse i.e. fucking with someone's machine without consent, or perhaps a double-whammy of both. I'd say they're screwed.
Yup, they're screwed
I'd have to rowry along with that I'm afraid.
I'd say either
a) someone has managed to infect their image source (noice exploit!)
b) the local reseller / PC shop has some idiot working for them that is infecting machines
I seriously doubt samsung would deliberately install a very easy to detect key logger!
Thats if its true, which it isn't.
But was it put there by Samsung?
To truely pull a Sony, it has to be there due to a management decision, not someone on the factory floor operating without permission for a paper backhander from a third party.
Time for a bare metal rebuild..
Build from the disks that come with the box - scan. If found, Profit! Next stage, allow it to update and check again. If found, Profit! - both those phases are owned by the manufacturer and they carry the responsibility (regardless of cause, BTW).
Makes a good story, but...
...is it true?
Well, the guy said " After the initial set up of the laptop, I installed licensed commercial security software and then ran a full system scan before installing any other software. The scan found two instances of a commercial keylogger called StarLogger installed on the brand new laptop. Files associated with the keylogger were found in a c:\windows\SL directory."
.... which might also
indicate his commercial security softare or associated installation media (or download source) as the malware delivery vector.
Otherwise, you would expect there would be many independent confirmed sighting by now, perhaps there are, but I don't see any reports [yet].
Ah, he installed something before installing anything else. Wouldn't it have been better if he'd removed the disk and then scanned it.
Also, what does he mean by initial setup? This could be anything from the simple configuration of windows to the downloading of latest drivers and service pack updates.
So, maybe not.
>>> I think seeing a story like this shortly after the FUD story the other day about how Samsung used actors in advertising material to publicise the Galaxy Tab (wow, really? A company used actors!?!) suggests Apple finally sees Samsung as a serious threat.
My God, the anti-Apple-tards are getting really desperate, to seriously make this kind of accusation. On a story which doesn't even appear to be accurate, too. And the "FUD story the other day" is presumably where "customers" were gushing about unreleased products - you think that was invented too? Did you watch the video?
Just start taking slow, deep breaths, and possibly keep away from the intertubes for a while, 'kay?
So who do you work for Microsoft or Google? or did you just forget to take your meds?
Apple are evil
Apple are really evil
Samsung: We did it to "monitor the performance of the machine"
You've missed the second article:
Where Samsung says it was installed to "monitor the performance of the machine and to find out how it is being used"
Samsung are evil
Poor show indeed
Assuming the keylogger was actually there (ie the researcher did check manually that the dodgy software was there, not just trust the security software's conclusion) then whoever supplied the system image (=Samsung) has a lot to answer for.
Even if it was put there by an unauthorised person, Samsung are responsible. And if it was deliberate, then they need serious hanging.
Comes to something when you have to do a security scan on the system out of the box.
if they really did install it, I wonder if they were licenced for that number of install's? :)
Seem an entirely different case
Sony made a corporate decision to deliberately install a rootkit without the customers knowledge or agreement in order to enforce copyright restrictions. That seems a far cry from this case, where it's likely someone was careless with a memory stick and infected the default installation for new machines. It happens occasionally - simple human error. Not great, but not in the same league as Sony.
Sony are evil
False Positives? Never! (Ahem)
I long ago stopped being surprised by false positives in AV software. So I wouldn't be at all surprised if this isn't yet another false positive.
One of my favourites being Kasperky's assertion that some legitimate software is "behaving like" some malware.
Microsoft Live Application
Whether its innocuous is debatable.
In my opinion its just more fucking cruddy bloatware...