Confirmed: Samsung is Not Shipping Keyloggers http://www.f-secure.com/weblog/archives/00002133.html
We now have confirmation for what we wrote in our previous blog post: Samsung is not shipping keyloggers on their laptops.
The whole saga was caused by a false alarm of the VIPRE Antivirus product. Apparently VIPRE detects the StarLogger keylogger by searching for the existence of a directory called "SL" in the root of the Windows directory. This is a bad idea....As some Samsung laptops do indeed have a folder called "C:\WINDOWS\SL" on them by default, VIPRE would alert on them with a similar warning.
Unfortunately Mohamed Hassan (CISSP) who did the original analysis did not double-check his findings and blamed Samsung instead. Apparently he did not look at the contents of the "SL" folder at all.
UPDATE 3/31/11: Samsung has issued a statement saying that the finding is false. The statement says the software used to detect the keylogger, VIPRE, can be fooled by Microsoft's Live Application multi-language support folder. This has been confirmed at F-Secure and two other publications, here and here. Still no explanation for why Samsung originally confirmed the keylogger's existence to Hassan, as seen below.
UPDATE 3/31/11: GFI Labs, the maker of VIPRE, has issued an explanation and apology for generating the false positives that led to these articles: "We apologize to the author Mohamed Hassan, to Samsung, as well as any users who may have been affected by this false positive."
Hmmm. Samsung admits it installed the software, now this...
Edit to add: This Hassan guy claims that some unnamed Samsung "supervisor"---most likely a low level DRONE working the support help desk
--"admitted" that Samsung installed a keylogger? If Samsung does have some super-secret spy software they are hiding on their laptops would the guy answering the phone know about it, or more importantly, would he be STUPID enough to confirm it if he understood the possible repercussions of what he was confirming in the first place? For all we know he just went along with what the guy was saying to get him off the phone. I don't know about you, but i wouldn't trust one of those "support" guys to find his own a** with a map and
This guy Hassan's story and his ahem, "research" have gaping holes in them, to say the least. Network World lost any semblance of credibility publishing this DREK.
Edited by Union_Thug, 01 April 2011 - 05:05 PM.