Samsung: Keylogger Accusation Is False

Computer maker Samsung has issued a strident denial that it pre-installs secret keylogging software on its computers.

As we reported yesterday, security consultant Mohamed Hassan, writing at Network World, said he’d found evidence that Samsung was installing a keylogging tool called Starlogger.

Today Samsung said: “The statements that Samsung installs keylogger on R525 and R540 laptop computers are false.”

Keylogging software does what it sounds like – it logs every keystroke you make. In theory, it could be used to spy on someone’s use of a computer, capturing everything they type. Including passwords.

Hassan said he found Starlogger on two Samsung laptops. When he called Samsung to ask what was going on, a supervisor on their support team confirmed the software and said it was there to “monitor the performance of the machine and to find out how it is being used.”

The guys at F-Secure were suspicious about the whole thing, so they did an experiment of their own. They went to a computer store and looked for Starlogger on a bunch of Samsung laptops there. Result? Nothing.

Samsung says Hassan got a false positive result, and that his scanning software mistook a simple language file for the keylogger.

That doesn’t explain the mysterious statement Hassan got from the support supervisor, but it looks increasingly like this was all a big misunderstanding.

http://conceptvbs.wordpress.com conceptvbs

How do you quote a “mysterious” supervisor without addressing his name and/or title?

That in itself doesnt sound right.

Networkworld should get ready for some libel lawsuits coming from Samsung as this has certainly damaged their reputation.

Samsung will definitely be seeking monetary damages from them.
jackreporter

Wow, another blog that, even after this whole thing has been revealed as the worst kind of unconfirmed kneejerk journalism, is still reprinting what Mr. Hassan wrote as if it’s gospel.

“a supervisor on their support team confirmed the software”

No. No. No!

Mr. Hassan SAID that.

Mr. Hassan ALLEGES that Samsung confirmed this.

We do not have a transcript of the call. We don’t have a recording. We don’t have anything, actually, except his one-sentence paraphrasing of a conversation with someone who may only have a limited grasp of the English language.

Given that it’s been absolutely confirmed that Mr. Hassan is a hack, not at all a “security expert” and everything else he wrote in the article is wrong, why does everyone continue to fixate on this?

The author lost all credibility the moment he said “because I’ve never gotten a false positive before, this is proof that it’s a virus”. Yet people still gave it to him. Well, now that he’s been totally debunked, people are still believing other stuff? Why?